[MASTER THREAD] Fire HD 8 (2017) (7th Generation)


Awesomeslayerg

Senior Member
Jul 5, 2014
796
373
Los Angeles
CVE-2018-5344:
drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
CVE-2018-5333
, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.
CVE-2018-5332
the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
 

Supersonic27543

Senior Member
Nov 14, 2016
648
321
CVE-2018-5344:
drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
CVE-2018-5333
, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.
CVE-2018-5332
the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
Hello!
I will investigate those exploits, but I don't think that they have much chance to succeed. First one leads to DoS, and both others lead to an OOB write, and therefore very hard or impossible to escalate privileges by them.
Thanks!
 

Supersonic27543

Senior Member
Nov 14, 2016
648
321
CVE-2018-5344:
drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
CVE-2018-5333
, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.
CVE-2018-5332
the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
Not possible. Both issues were addressed in 4.14.13.
 
I just tried ADB sideloading latest SuperSU.zip after I got the exclamation. It didn't root the device.

Unless Amazon missed something, the only way you'll be able to get anything into the device via ADB sideload is software/firmware signed by Amazon. I think it's time to reset my Fire 7 and try a few things.

Sent from my Galaxy S7 using XDA Labs
 
Reactions: twocrows

Supersonic27543

Senior Member
Nov 14, 2016
648
321
Hello!
I think that it's a bit good for experiment with a pristine state system. Will ADB sideloading FireOS 5.6.0.1 brick my device? I'm on 5.6.0.1 too currently, HD 8 (2017). @DragonFire1024 Can you please help me with this? Thanks!
 
Hello!
I think that it's a bit good for experiment with a pristine state system. Will ADB sideloading FireOS 5.6.0.1 brick my device? I'm on 5.6.0.1 too currently, HD 8 (2017). @DragonFire1024 Can you please help me with this? Thanks!

As far as I know, the HD 8 cannot be downgraded at all. Doing so results in an unrecoverable brick. I wish there was a way around it, but unfortunately there isn't as of yet.
 

Supersonic27543

Senior Member
Nov 14, 2016
648
321
As far as I know, the HD 8 cannot be downgraded at all. Doing so results in an unrecoverable brick. I wish there was a way around it, but unfortunately there isn't as of yet.

Hello!
I'm not going to downgrade it. I'm trying to clean up everything a bit with sideloading "the same version I'm at". Even it will brick the device??? :(
Thanks!
 

Awesomeslayerg

Senior Member
Jul 5, 2014
796
373
Los Angeles
I've been researching a way to root using p2pk (phone to phone) debugging in order to root our kindle. The problem is the adb is kinda old and needs to be recompiled for arm devices again. It's l set but I'm gonna try bluestacks and see if that works. Look up p2p adb.
 
I've been researching a way to root using p2pk (phone to phone) debugging in order to root our kindle. The problem is the adb is kinda old and needs to be recompiled for arm devices again. It's l set but I'm gonna try bluestacks and see if that works. Look up p2p adb.

Do a search for 'osmosis ADB XDA' and in that thread is an ADB binary for p2p.

Sent from my Moto E4 using XDA Labs
 

Supersonic27543

Senior Member
Nov 14, 2016
648
321
I've been researching a way to root using p2pk (phone to phone) debugging in order to root our kindle. The problem is the adb is kinda old and needs to be recompiled for arm devices again. It's l set but I'm gonna try bluestacks and see if that works. Look up p2p adb.

Hey Awesomeslayerg!
First of all, my wholehearted thanks for your interest in rooting this device. :) I thought that everyone forgot or didn't have any interest in rooting this, but it looks like wrong now, people like you didn't give up on this. Unfortunately, though I will look at this, I don't have much knowledge on here, but if you need any help, please tell.
Thanks again!
 

Awesomeslayerg

Senior Member
Jul 5, 2014
796
373
Los Angeles
So far I have finally been able to connect to adb via my rooted tablet, but I don't know what commands we can use to remount the system on the fire.

https://imgur.com/gallery/0P1XF Maybe we can run a script or something to remount it via wifi?

The steps I did:
1. Connect kindle to pc
2. Opened up a cmd prompt (I use minimal adb)
3. Did "adb tcpip 5555" command
4. Went on my rooted tablet, started terminal, did the su, then adb connect (kindle ip)
 

Top Liked Posts

  • 29
    ROOT ACQUIRED! Fellas, I give to you the world's first fully rooted Fire HD 8 7th Gen! :) I will write instructions when I get some more time. Great work to everyone who made this possible!
    Check out my new launcher setup! I froze the old launcher (and most of the bloatware) with titanium.

    Also, I think I found a seemingly more reliable and much easier way to access the eMMC. It goes like this:

    - Start the tablet while holding volume down
    - Enter bootloader (fastboot)
    - Plug SD Card into reader

    And that's it. No handshake, no USB. It worked great for me, though I only did try it like once. I'll keep playing with it.

    Edit: Yep it's working MUCH more reliably than the handshake method. The trick is to put the SD card into the reader almost immediately after clicking the "Enter bootloader" menu option. Do it before "FASTBOOT Mode..." pops up. You have like a 1 second window.

    Sounds like we're having progress.

    Some points:
    As mentioned the later supersu free versions don't prompt for root access; it's a pro feature ... see its log for evidence. Work around is set default to grant.
    Second, have you set the uid to root:root for the su binary? Use chown 0:0 <path to su> to do so

    1. Thanks, I did not know that!
    2. Yes but there is much more to it than setting the owner. There's also SELinux security extended attributes, and a whole lot of other files that SuperSU needs.
    25
    Hi,

    This is a list (incomplete) of all the ROMs, mods, hacks, guides, etc. available for the Fire HD 8 (2017).
    This was a root progress discussion thread, and I think there's too much valuable information here to just let it get buried. So, following @Rortiz2's suggestion this thread was transformed to a master thread with the aim of providing a complete guide for anyone wanting to mod their tablet.


    Device Codename: douglas
    Specifications:
    SoC: Mediatek MT8163
    CPU: Cortex-A53 (Quad Core 4x1.3Ghz)
    GPU: Mali 720
    RAM: 1.5GB
    Android: 5.1 (FireOS 5.x.x.x)
    Storage: 16/32GB
    Includes a MicroSD slot
    Battery: 3210mAh
    Display: 8"
    Front Camera: 2MP
    Rear Camera: 2MP


    The italicized text below are my comments/clarifications.

    The root method was patched in 5.6.4.0 (some versions of 5.6.4.0 still work so you could try). It is advisable to disable OTA updates or unlock the bootloader immediately. It is still possible to unlock by a different method, check the bootloader unlocking thread.

    Bootloader Unlock and TWRP:
    • [UNLOCK][ROOT][TWRP][UNBRICK] Fire HD 8 2017 (douglas)
      This is an excellent and complete guide which has everything you need for this. Requires Linux, so you'll have to either install it as dual-boot or use a live system if you are not using it already. You don't need to downgrade if you are on 5.6.4.0.

    Rooting:
    • You can flash Magisk using TWRP after bootloader unlock. Using Magisk is recommended because SuperSU is no longer supported, and Magisk has modules, Magisk Hide, and the root prompt is working (In SuperSU it's not working so you have to always grant root permissions which is a major security loophole)
    • Rapid Temporary Root for HD 8 & HD 10
      This is the first software root method discovered for this tablet and is a really easy and quick method of getting a root shell, and the link has a complete guide on it. Refer here for installing SuperSU for permanent root, and here for an automated script for Windows.
    • [ROOT] Hardmod Root Your Amazon Fire HD 8 (7th Gen)
      This is the first root method ever discovered for this tablet and is a hardware root. This link has a complete step-by-step guide, assuming you have some soldering experience.

    ROMs:

    Miscellaneous:

    General Tips:
    • To return to stock or recover from a soft brick:
      (Don't use this if you have already unlocked your bootloader: if you want just stock FireOS flash it through TWRP, and if complete stock follow the guide in the unlock thread)
      (This assumes that you have ADB installed, I would not advise you on how here, there are numerous guides waiting for a Google search. This will erase your data.)
      1. Download your current FireOS or a later firmware version. You can find the latest over at Amazon's website.
      2. Boot to the recovery mode of your tablet, and use the volume and power buttons to select "Apply Update via ADB".
      3. Now connect the tablet to a PC with a USB cable, open a command prompt or shell on the directory where you downloaded the firmware BIN, enter the command adb sideload X.bin (replace X with the name of the BIN) and wait until finished (DON'T disconnect your device from the PC)
      4. Now select "Wipe Data/Factory Reset" and "Yes" to wipe data (you can skip doing this if you want your data, but note that the tablet may bootloop or complain about corrupted data)
      5. Select "Reboot system now"
    • The firmware BINs are just renamed ZIP files: you can rename it from .bin to .zip and treat it as such.
    • Amazon employs an anti-rollback mechanism which could permanently brick your device if you flash an older version through adb sideload. If you really want an older FireOS, you can rename .bin to .zip and flash them through TWRP after unlocking.
    • The stock launcher AppID is com.amazon.firelauncher, the stock keyboard is com.amazon.redstone, and the OTA update apps are com.amazon.device.software.ota and com.amazon.kindle.otter.oobe.forced.ota.

    Again, this list is incomplete, so please suggest any additions in the comments! (don't hesitate to suggest your own work; the target of this thread is to be a comprehensive and complete guide on everything about this tablet)

    Good luck modding this tablet! :)
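
An added example, not part of the original post or of any tool linked in the thread: a pre-flight check for the recovery sideload steps and the anti-rollback warning in the master post above. It assumes you read the installed and downloaded FireOS versions yourself and pass them in; the version comparison only enforces the guide's "current or later" rule and does not reproduce Amazon's anti-rollback mechanism, and all function names are hypothetical.

```shell
#!/bin/sh
# Pre-flight check for `adb sideload X.bin` (added example; function names are hypothetical).
# Usage: sh preflight.sh FIRMWARE.bin INSTALLED_VERSION FIRMWARE_VERSION

# True when the file starts with the ZIP local-file-header magic "PK\003\004"
# (the guide states the firmware BINs are renamed ZIP files).
is_zip() {
    [ -f "$1" ] || return 1
    magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "504b0304" ]
}

# True for dotted numeric versions such as 5.6.0.1.
valid_version() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
}

# True when version $1 is strictly older than $2 (numeric, field by field).
version_lt() {
    a="$1." b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}      # take the leading field of each version
        a=${a#*.}; b=${b#*.}        # drop that field
        x=${x:-0}; y=${y:-0}        # a missing field counts as 0
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1                        # equal versions are not "older"
}

# Exit codes: 0 safe to sideload, 1 not a ZIP, 2 bad version string, 3 rollback.
preflight() {
    fw=$1 current=$2 candidate=$3
    if ! is_zip "$fw"; then
        echo "refusing: $fw is not a ZIP-format firmware image" >&2; return 1
    fi
    if ! valid_version "$current" || ! valid_version "$candidate"; then
        echo "refusing: versions must look like 5.6.0.1" >&2; return 2
    fi
    if version_lt "$candidate" "$current"; then
        echo "refusing: $candidate is older than installed $current (anti-rollback)" >&2
        return 3
    fi
    echo "ok: run  adb sideload $fw"
}

if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

Sideloading the same version as the one installed passes the check, matching step 1 of the guide.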
    20
    I'm a genius. Amazon is not going to like me...not one bit. But you guys are going to love me. I got just about everything working...and I mean everything. I have a few more tweaks to go. I'm hoping I'll be able to disable signature verification in the package installer in NON rooted tablets.
    16
    I know people are eager to try this out so here is a quick guide on how to root this tablet: https://xdaforums.com/hd8-hd10/orig-development/root-hardmod-root-amazon-fire-hd-8-7th-t3851617

    Enjoy! :)
    13
    Who wants a fully working Linux distro installed on a non rooted HD 8? I DO! And my wish has come true. In a few days hopefully, you'll be able to install a fully operational Kali Linux distro on the non rooted HD 8s. The installation is a proot environment and done totally on the back end so not one bit of root is needed. I'm so psyched about this