BlackBerry patches buffer overflow vulnerability discovered in BlackBerry OS 10.1
on 9 Apr 2014 10:14 pm EDT
Back in June of 2013, the BlackBerry Security Incident Response Team was advised by modzero that a buffer overflow vulnerability had been discovered in BlackBerry 10 OS versions earlier than version 10.2.0.1055. As part of the process, the modzero team contacted BlackBerry to reveal their findings and laid out exactly what the issue was. Since then, BlackBerry has issued a fix for this vulnerability, which is included in BlackBerry 10 OS version 10.2.0.1055 and later.
A stack-based buffer overflow vulnerability exists in the qconnDoor service supplied with affected versions of BlackBerry 10 OS. The qconnDoor service is used by BlackBerry 10 OS to provide developer access, such as shell and remote debugging capabilities, to the smartphone.
Successful exploitation of this vulnerability could potentially result in an attacker terminating the qconnDoor service running on a user's BlackBerry smartphone. In addition, the attacker could potentially execute code on the user’s BlackBerry smartphone with the privileges of the root user (superuser).
An attacker can exploit this vulnerability in the following ways:
Over Wi-Fi - In order to exploit this vulnerability, an attacker must send a specially crafted message to the qconnDoor service on a smartphone located on the same Wi-Fi network. The smartphone user must have also enabled development mode on the smartphone before an attack.
Over USB - In order to exploit this vulnerability, an attacker must gain physical access to a smartphone and then send a specially crafted message to the qconnDoor service over USB.
This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 7.9. The Common Vulnerabilities and Exposures (CVE) identifier for the security issue that this security advisory addresses is CVE-2014-1468.
If you're running BlackBerry OS 10.2.0.1055 or later, you're no longer affected by this issue, and no known attacks using this exploit have been reported. If you're still running an earlier version of BlackBerry 10, it is suggested that you update your OS as soon as possible. If you do not have any software updates available to you, contact your wireless service provider to request BlackBerry 10 OS version 10.2.0.1055 or later.