Download our in-depth report: The Ultimate Guide to IT Security Vendors
Google is pushing out its May patch update for Android devices this week, with the much maligned mediaserver component once again being patched for critical vulnerabilities.
There are 17 critical vulnerabilities addressed in the May update, six of which are flaws in the mediaserver Android library. The mediaserver library has been the subject of intense scrutiny since July 2015, when the first Stagefirst flaws were publicly reported.The Android mediaserver has been patched in every Android security update issued by Google since August 2015.
All six critical issues in mediaserver that patched in May (CVE-2017-0587,CVE-2017-0588,CVE-2017-0589, CVE-2017-0590, CVE-2017-0591 and CVE-2017-0592) are remote code execution vulnerabilities.
"A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing," Google warns in its advisory. "This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Beyond just the critical issues, Google is also patching mediaserver for seven additional vulnerabilities this month. Among the mediaserver flaws are three high impact privlege escalation vulnerabilities (CVE-2017-0592, CVE-2017-0595 and CVE-2017-0596).
"An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process," Google advisory states. "This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application."
Rounding out the mediaserver flaws are four Denial of Service (DoS) issues (CVE-2017-0599, CVE-2017-0600, CVE-2017-0603 and CVE-2017-0625)
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.