CVE-2019-15027

N/A

Description

The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.

Details CVE

Score CVSS v3.1N/A

Publie8/14/2019

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

mediatek:mt6577mediatek:mt6577_firmwaremediatek:mt6625mediatek:mt6625_firmwaremediatek:mt8163mediatek:mt8163_firmware

Faiblesses (CWE)

CWE-78

References

https://dojo.bullguard.com/dojo-by-bullguard/blog/gaining-rooting-primitives-for-android-mediatek-chips/(cve@mitre.org)

https://github.com/andr3jx/MTK6577/blob/238012ebf18e3751397884d1742ff7ab6417e80d/mediatek/platform/mt6577/external/meta/emmc/meta_clr_emmc.c#L302-L305(cve@mitre.org)

https://dojo.bullguard.com/dojo-by-bullguard/blog/gaining-rooting-primitives-for-android-mediatek-chips/(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/andr3jx/MTK6577/blob/238012ebf18e3751397884d1742ff7ab6417e80d/mediatek/platform/mt6577/external/meta/emmc/meta_clr_emmc.c#L302-L305(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.