Android Wi-Fi Direct bug means hackers can reboot your device

A vulnerability in Android’s Wi-Fi Direct functionality has been uncovered by security researchers.

Wi-Fi Direct – the technology that allows two devices (including printers, cameras and PCs) to connect directly via a peer-to-peer Wi-Fi connection without a wireless router – has an issue affecting a number of Android devices. The bug is in the form of a remotely exploitable denial-of-service vulnerability, specifically an uncaught exception, and it affects certain Android devices scanning for other Wi-Fi Direct products.

“An attacker could send a specially crafted 802.11 Probe Response frame causing the Dalvik subsystem to reboot because of an Unhandle Exception on WiFiMonitor class,” the security advisory explains.

Or, as The Register puts it, “If the attacker sends a malformed wpa_supplicant event, the disclosure states, Android’s WifiP2pDevice class throws an IllegalArgumentException, crashing the device.”

The Hacker News reports that the vulnerability affects a number of Android devices:

  • Nexus 5 – Android 4.4.4
  • Nexus 4 – Android 4.4.4
  • LG D806 – Android 4.2.2
  • Samsung SM-T310 – Android 4.2.2
  • Motorola RAZR HD – Android 4.1.2

Core Security first disclosed the security issue to Google on September 26, but the Android Security Team classified the vulnerability as “low severity” and repeatedly explained that they currently have no timeline for releasing a fix, hence today’s public disclosure.

The Register broadly agrees with Google’s classification, given that the vulnerability is limited to short periods of time when the Android device is scanning for Wi-Fi direct devices, as well as geographical proximity: an attacker has to be nearby to send the malformed data to the victim. Even then, “its impact is limited to a reboot.”

Twin Design / Shutterstock.com

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.