"Platform Tools v33.0.3 (https://developer.android.com/studio/releases/platform-tools) released in August addresses two security issues in Android Debug Bridge. Both require the adb host (e.g. the PC) to connect to a compromised adb daemon (e.g. the mobile phone). This is a security concern for example in automated environments or malware labs that run arbitrary Android packages by design. I found and reported these issues to Google last December. CVE-2022-20128: Adb was vulnerable to directory traversal attacks during adb pull operation. Example session (victim side):" Please stabilize when ready.
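A host-side check of the kind that closes this class of bug, shown as an added example (not code from platform-tools or from the Gentoo package): every directory entry name the daemon returns during a recursive pull is validated before it is joined onto the local destination, and the resolved path is then confirmed to stay inside that destination. The destination directory and the device-supplied entry names are constructed samples.

```python
"""Hardened local-path construction for an adb-pull style directory sync.

Added example, not code from the Android platform-tools tree. The entry names
below are constructed samples standing in for a directory listing returned by
an untrusted adbd; the host must never trust them.
"""
import os

# Constructed sample listing (hypothetical), as a compromised device might send it.
REMOTE_ENTRIES = ["photo.jpg", "../../.bashrc", "sub/dir", "..", "notes.txt\x00"]


def is_safe_entry_name(name: str) -> bool:
    """A single listing entry may only be a plain file or directory name:
    not empty, not '.' or '..', and free of path separators and NUL."""
    if name in ("", ".", ".."):
        return False
    if any(c in name for c in ("/", "\\", "\x00")):
        return False
    return True


def safe_join(dest_dir: str, name: str) -> str:
    """Join a daemon-supplied entry name onto the local destination, refusing
    anything that would resolve outside dest_dir."""
    if not is_safe_entry_name(name):
        raise ValueError(f"rejected remote entry name: {name!r}")
    base = os.path.realpath(dest_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # Second line of defence: the resolved path must remain under dest_dir.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"entry escapes destination: {name!r}")
    return candidate


def plan_pull(dest_dir: str, entries) -> tuple:
    """Return (accepted local paths, rejected entry names) for one listing."""
    accepted, rejected = [], []
    for name in entries:
        try:
            accepted.append(safe_join(dest_dir, name))
        except ValueError:
            rejected.append(name)
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = plan_pull("/tmp/pull-dest", REMOTE_ENTRIES)
    print("accepted:", ok)
    print("rejected:", bad)
```

Only the plain name survives; the traversal, nested-path, dot-dot and NUL-bearing entries are rejected before any local file is created.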
Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=890a0363035e2cac3c3db3ddf196d64b175fc709

commit 890a0363035e2cac3c3db3ddf196d64b175fc709
Author: Zac Medico <zmedico@gentoo.org>
AuthorDate: 2022-10-28 00:21:01 +0000
Commit: Zac Medico <zmedico@gentoo.org>
CommitDate: 2022-10-28 00:21:12 +0000

dev-util/android-tools: drop 31.0.3, 31.0.3_p2, 33.0.3

Bug: https://bugs.gentoo.org/878281
Signed-off-by: Zac Medico <zmedico@gentoo.org>

dev-util/android-tools/Manifest | 4 --
dev-util/android-tools/android-tools-31.0.3.ebuild | 84 ----------------------
.../android-tools/android-tools-31.0.3_p2.ebuild | 84 ----------------------
dev-util/android-tools/android-tools-33.0.3.ebuild | 84 ----------------------
4 files changed, 256 deletions(-)
Thanks!
Oops, also from URL: "CVE-2022-3168: The reverse tunnel feature in Android Debug Bridge (adb) was vulnerable as it allowed malicious adb daemons to open connections to arbitrary host/ports and unix domain sockets on the host. Example session; both sides running on Google Cloud virtual machines for the sake of demonstration. Attacker receives the access token of the service account the victim VM is running as." Making a '2' as arbitrary file writes can usually cause code execution via replacing things like ~/.bashrc, etc.
GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=c3fb2413d6edf1fff45b79b4539d0c1dc438c62e

commit c3fb2413d6edf1fff45b79b4539d0c1dc438c62e
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-31 20:25:11 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-31 20:25:51 +0000

[ GLSA 202210-41 ] android-tools: Multiple Vulnerabilities

Bug: https://bugs.gentoo.org/878281
Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
Signed-off-by: John Helmert III <ajak@gentoo.org>

glsa-202210-41.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
GLSA released, all done!