Potential DoS Vulnerability with Android System
I reported a potential flaw in the Android system that could be used to perform a DoS (denial-of-service) attack on an Android phone. The issue was caused by a poor programming assumption that could have been avoided with a good Programming 101 course.
I developed a tool called c-ray to help me with quick-and-dirty pentesting and analysis of Android applications and the system. I stumbled on the issue while playing around with the Android core system and the c-ray application.
The issue is an input validation error that stems from an assumption made by the developer. Sending an intent to the "android.accounts.GrantCredentialsPermission" class of the Android core system results in a system crash and a reboot. Further analysis and reasons below.
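A defensive pattern for the kind of assumption described above, as an added example that is not from the original post or from the Android source: an exported activity that validates its launching Intent and cancels cleanly instead of crashing. The class name and extra keys are hypothetical, and the example assumes the failure comes from an Intent that lacks the data the activity expects.

```java
import android.app.Activity;
import android.content.Intent;
import android.os.Bundle;
import android.text.TextUtils;
import android.util.Log;

// Hypothetical exported activity; class and extra names are constructed for this example.
public class GrantRequestActivity extends Activity {
    private static final String TAG = "GrantRequestActivity";
    static final String EXTRA_ACCOUNT = "com.example.extra.ACCOUNT";
    static final String EXTRA_CALLER_UID = "com.example.extra.CALLER_UID";

    private String account;
    private int callerUid;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        // Any app can start an exported activity with an arbitrary Intent,
        // so a bad launch must end in a clean cancel, never an exception.
        if (!readRequest(getIntent())) {
            Log.w(TAG, "Rejected launch: required extras missing or malformed");
            setResult(RESULT_CANCELED);
            finish();
            return;
        }
        // ... build the confirmation UI from account and callerUid ...
    }

    // Returns true only when every field the UI depends on is present and sane.
    private boolean readRequest(Intent intent) {
        if (intent == null) return false;
        try {
            Bundle extras = intent.getExtras();   // null when the Intent carries no extras
            if (extras == null) return false;
            account = extras.getString(EXTRA_ACCOUNT);       // null if absent or wrong type
            callerUid = extras.getInt(EXTRA_CALLER_UID, -1);  // -1 marks "not supplied"
        } catch (RuntimeException e) {
            // Unparcelling caller-supplied extras can itself throw
            // (for example BadParcelableException).
            Log.w(TAG, "Could not read extras", e);
            return false;
        }
        return !TextUtils.isEmpty(account) && callerUid >= 0;
    }
}
```

The same check matters more in a component that runs inside a privileged process, where an uncaught exception takes down far more than one app.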
For the normal user - Steps to reproduce the problem:
(Advanced users with knowledge of Android SDK and platform proceed to next section.)
- Launch C-Ray
- Type "android" in the text box
- Choose "Package Name" radio button
- Click "Manual Scan"
The Manual Scan feature lists all activities, services and receivers associated with an application - in this case the Android core system.
Click "android.accounts.GrantCredentialsPermission" in the manual scan list and continue with the default action.
Click "Yes". The system will freeze for a moment and then reboot with your usual boot screen image/logo.
For Advanced Users:
This issue was first reported in the Android core system running on 2.3.4. Google responded immediately and informed me that they had fixed the issue. At the time of writing this blog, the issue was still at large even on a Nexus S running 2.3.6 and 2.3.7.
The real question is: how long before this issue is fixed across multiple fragmented releases by multiple vendors?