尊敬的
微信汇率:1円 ≈ 0.046166 元
支付宝汇率:1円 ≈ 0.046257元
[退出登录]
雅虎竞拍
煤炉代买
paypay商城
乐天二手
日本亚马逊
乐天新品
ZOZOTOWN
The ALSA System on Chip (ASoC) provides a common architecture for chip vendors to develop drivers for their sound SoCs and codecs. It is also the core management of sound drivers in Android kernel. Compare with the well-known libstagefright library, the ASoC driver works in kernel space and talk to up level media libraries through HAL, thus it plays a much more important role, it is the real heart of the whole Android media service. However, few vulnerabilities have been disclosed on this part on Android before our research (starting from the middle of 2016). There are multiple reasons: The ALSA project has almost twenty years history and most bugs may have been killed in the past few years in main linux kernel; Developers become more and more familiar with the project thus not easy to introduce bunch of new bugs; The standard of coding style, testing flow and code review processes guaranteed the quality, and this is often what the open source projects benefits. But what if this old project meets with the much younger Android OS? The situation is really out of my expectation. With a total review of the ASoC implementation and combining effective fuzzing tools, I was able to disclose dozens of bugs in Android ASoC drivers. These bugs includes the type of normal OOBs, the stack overflows, the heap overflows, race conditions and the use-after-free/double-frees. And what comes out more interesting is that, these bugs were introduced from several different channels: chip vendors, device manufacturers, and the ALSA project maintainers. This proves me the fact that the ASoC driver in Android kernel is a completely vulnerable but overlooked attack surface.
