New exploit available for LG G5: QuadRooter

[cdiscrete]

A set of exploits has been found by Check Point, allowing malicious apps to get root privilege.

blog.checkpoint.com/2016/08/07/quadrooter/

I'll turn off OTA from now on and wait for tools that make use of this exploit.

QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.

 

[BR7fan]

How do you turn off ota ? I can't find it

 

[gwolfu]

there are 4 exploits that are already patched
might be a way if you have pre-April firmware installed
https://gwolf2u.com/quadrooter-android-security-bugs-affect-over-900-million-devices/

 

[BR7fan]

I have 3 of the 4 exploits. I have Sprint

 

[fsi09]

I have the latest v10d firmware on my H850 and the app shows me 4 of 4 vulnerable.
2016-06-01 security patch

 

[mikey_sk]

I have the latest v10d firmware on my H850 and the app shows me 4 of 4 vulnerable.
2016-06-01 security patch

mine as well

on v10d

 

[cdiscrete]

H868 reports 4/4 with the latest security patch.

For those who want to root their G5, search for "update" in Settings and turn off auto update.

 

[muppetmaster916]

Is this what we've been waiting for? Ridiculously excited if so, will this help rs988?

 

[cdiscrete]

Is this what we've been waiting for? Ridiculously excited if so, will this help rs988?

Download the Quadrooter Scanner and see if 4/4 vulnerabilities. If so, hope is right there.

 

[muppetmaster916]

Download the Quadrooter Scanner and see if 4/4 vulnerabilities. If so, hope is right there.

I have 4/4, will this lead to development for our phones?

 

[cdiscrete]

I have 4/4, will this lead to development for our phones?

Yes. The last step is a tool that makes use of these vulnerabilities. That's what we are waiting for.

 

[BR7fan]

I've looked,searched and looked again.I can not find the turn off automatic updates. Can some one screen shot please. I posted a picture,there is no option for it

 

[roc342]

On Latest OTA installed, on sprint. I have 3 of the four

 

[MrAlez]

4/4 south América H840 variant here, i hope we do get root

 

[falkon114]

AT&T H820, 4/4 shown here with April 01 security update. Will pledge $50 towards the bounty if someone can make use of this.

 

[misquia]

RS988 with 2016-06-01 Android security patch level. 4/4 vulnerabilities. If this is what we were waiting for, I'm excited!

 

[muppetmaster916]

It's not, I spoke to jcase earlier and he pretty much stated that until a solution to the locked bootloader is found we're screwed. No bump possibility either.

 

[cdiscrete]

It's not, I spoke to jcase earlier and he pretty much stated that until a solution to the locked bootloader is found we're screwed. No bump possibility either.

But at least we can get some xposed stuff right?

 

[cdiscrete]

I've looked,searched and looked again.I can not find the turn off automatic updates. Can some one screen shot please. I posted a picture,there is no option for it

Seems your Settings is different from mine.

 

[spiderio]

We need a great hacker for this exploit to work..
I will patiently wait