CVE_2015_3636.java

package fuzion24.device.vulnerability.vulnerabilities.kernel;

import android.content.Context;

import java.util.ArrayList;
import java.util.List;

import fuzion24.device.vulnerability.util.CPUArch;
import fuzion24.device.vulnerability.vulnerabilities.VulnerabilityTest;

/**
 * Created by fuzion24 on 8/24/15.
 */
public class CVE_2015_3636 implements VulnerabilityTest {
    static {
        System.loadLibrary("pingpong");
    }

    /*
       Fix: https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326
       Discussion: http://www.openwall.com/lists/oss-security/2015/05/02/11
       implementation: https://github.com/scoty755/libping_unhash_exploit_POC
     */
    @Override
    public String getCVEorID() {
        return "CVE-2015-3636";
    }

    @Override
    public List<CPUArch> getSupportedArchitectures() {
        ArrayList<CPUArch> archs = new ArrayList<>();
        archs.add(CPUArch.ARM);
        archs.add(CPUArch.ARM7);
        archs.add(CPUArch.ARM8);
        return archs;
    }


    private native int checkPingPong();

    @Override
    public boolean isVulnerable(Context context) throws Exception {
        int checkVal = checkPingPong();

        if(checkVal == 0) {
            return false;
        }else if(checkVal == 1) {
            return true;
        }else {
            throw new Exception("Error running test. Errno: " + checkVal);
        }
    }
}