agg23/cve-2024-31317

Exploration of CVE-2024-31317

CVE-2024-31317 gives an unprivileged app access to any uid and SELinux scope available to proper Android apps. This includes uid 1000 (system) and uid 2000 (shell). It can be triggered entirely from an unprivileged app, allowing for persistence of any functionality using it.

Availability

This exploit should apply to most devices running Android 9+ with a security patch level prior to the June 2024 security patch. Some vendors may have cherry-picked this change into older versions. Specifically, this means Android 9-14 with a security patch of 2024-06-01 or lower.

The vulnerability is trivial for Android versions 11 and below. See the attached sources for implementation instructions on pre-12 versions.
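A fleet check for the range stated above, as an added example (not code from this repository): it parses `adb shell getprop` output and flags devices whose API level and security patch level fall inside that range. The sample dumps are constructed, and the mapping of Android 9-14 to API levels 28-34 is supplied here rather than taken from the README.

```python
import re
from datetime import date

# Range as this README states it: Android 9-14 (API 28-34) with a security
# patch level of 2024-06-01 or lower. Adjust the constants if your policy differs.
MIN_SDK, MAX_SDK = 28, 34
PATCH_CUTOFF = date(2024, 6, 1)
PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")


def parse_getprop(dump):
    """Parse `adb shell getprop` output ("[key]: [value]" per line) into a dict."""
    props = {}
    for line in dump.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def classify(props):
    """Return 'in-range', 'out-of-range' or 'unknown' for one device."""
    try:
        sdk = int(props["ro.build.version.sdk"])
        patch = date.fromisoformat(props["ro.build.version.security_patch"])
    except (KeyError, ValueError):
        return "unknown"  # property missing or malformed: inspect the device by hand
    if MIN_SDK <= sdk <= MAX_SDK and patch <= PATCH_CUTOFF:
        # The patch level alone cannot show a vendor cherry-pick of the fix.
        return "in-range"
    return "out-of-range"


def make_dump(sdk, patch):
    """Build a constructed getprop excerpt for the samples below."""
    return (f"[ro.build.version.sdk]: [{sdk}]\n"
            f"[ro.build.version.security_patch]: [{patch}]\n"
            "[ro.product.model]: [constructed-sample]\n")


# Constructed sample dumps, not taken from real devices.
SAMPLE_OLD = make_dump(33, "2024-03-05")
SAMPLE_PATCHED = make_dump(34, "2024-09-05")
SAMPLE_ANDROID8 = make_dump(27, "2019-01-01")

if __name__ == "__main__":
    for name in ("SAMPLE_OLD", "SAMPLE_PATCHED", "SAMPLE_ANDROID8"):
        print(name, classify(parse_getprop(globals()[name])))
```

Devices reported as in-range still need the vendor's changelog checked, since a cherry-picked fix does not change the reported patch level.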

Derived Access

shell privilege should be the same as access directly via adb shell. system privilege is more questionable. @oddbyte is maintaining a list of available system access, specifically relating to this vulnerability. The default prop context permissions are listed in property_contexts and system_app.te.

Sources

This research is heavily based on the following sources and the actual Android source code:

About

Detailed discussion of Zygote vulnerability CVE-2024-31317
