Authors: Alessandro Armando (University of Genova and FBK, Italy), Alessio Merlo (eCampus University and University of Genova, Italy), Mauro Migliardi (University of Padova and University of Genova, Italy) and Luca Verderame (University of Genova).
Abstract: We present a previously undisclosed vulnerability of Android OS which can be exploited by mounting a Denial-of-Service attack that makes devices become totally unresponsive. We discuss the characteristics of the vulnerability – which affects all versions of Android – and propose two different fixes, each involving little patching implementing a few architectural countermeasures. We also provide experimental evidence of the effectiveness of the exploit as well as of the proposed countermeasures.
A pre-print version in available here.
Download video demo here (66 Mb)
National Vulnerability Database: CVE-2011-3918
Common Vulnerabilities and Exposures: CVE-2011-3918
On the press:
Ansa.it, SecoloXIX, ilSole24ore, l'Avvenire, la Stampa, l'Unità, la Repubblica, Corriere del Trentino, Il mattino di Padova, l'Adige, l'Arena, L'eco di Bergamo, il Gazzettino di Padova, il mattino di Padova,Trentino, Ivg, Giornale di Puglia, CorriereWeb.
Punto-Informatico, Tech Week Europe, Gekissimo, Tutto Android, Androidiani, AGI, Genova Today, Genova 24, The next web, Babboleo, FocusTech, I love Tech, Android Italy, Android world, xtreme openource, Seogate, Gmanetwork, Androider, Notebook Italia, International Businnes Times,Key 4 biz, PrimoCanale.