This article was published on March 26, 2012

Google to patch Android Denial of Service exploit using fixes provided by Italian researchers that found it


Google to patch Android Denial of Service exploit using fixes provided by Italian researchers that found it

Four researchers representing some of Italy’s top universities and research centres have identified and patched a Denial of Service exploit that affects all versions of Google’s Android operating system, a fix that Google has said will be used in the next update for Android smartphones and tablets.

Alessandro Armando, Head of the Research Unit “Security & Trust” and coordinator of the Artificial Intelligence Laboratory at the University of Genoa, Alessio Merlo of Telematic University E-Campus, Professor. Mauro Migliardi, a coordinator at the University of Padova and Luke Verderame, Computer Engineering graduate at the University of Genoa made the discovery, which was noted in a research paper (PDF) hosted on a University of Genoa’s website.

According to the paper, the researchers present a “previously unknown vulnerability in Android OS that allows a malicious application to force the system to fork an unbounded number of processes and thereby mounting a Denial-of-Service (DoS) attack that makes the device totally unresponsive.”

The test application was used on a number of smartphones, including the LG Optimus One smartphone and different tablets including the Samsung Galaxy Tab. The Optimius One froze in less than a minute while others — including the Galaxy Tab — froze in under 2 minutes.

By invoking a process in the Linux layer that does not perform a binding operation with an Android app, the team was able to bypass the security policies within the OS, thereby occupying all of the memory resources on a smartphone or tablet, without needing to access malicious Android permissions.

If an enterprising malware app developer forced an application to load on boot, a reboot of the device would prove fruitless.

The team offered two fixes to patch the vulnerability. The first involved checking if the specific process comes from a ‘legal source’ — one being the System Server — with the second restricting the permissions on the target socket at the Linux layer. The vulnerability was sent to Google, the Open Handset Alliance and the US-CERT.

With Google needing to ensure the bug was fixed quickly (as it could potentially affect so many devices), the company ended up using the fix provided in the paper, which will be rolled out in future Android OS updates in the near future.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with