HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
Trend Micro has discovered a vulnerability in Debuggerd, the integrated Android debugger, that can be used to expose the contents of the device’s memory.
A specially crafted ELF (Executable and Linkable Format) file can crash the debugger and expose the memory content via tombstone files and corresponding logd log files. This information can be used in denial of service attacks, as well as to help bypass ASLR for arbitrary code execution. By itself, the vulnerability cannot be used for code execution. However, the information leaked here may be combined with other flaws for that purpose.