Check Point security researchers have found critical flaws in a wide range of audio decoders from Qualcomm (CVE-2021-30351) and MediaTek (CV-2021-0674, CVE-2021-0675).
These vulnerabilities would allow remote control of an Android smartphone. All you have to do is send a trapped sound file in Apple Lossless Audio Codec (ALAC) format. The hacker could immediately execute arbitrary code remotely on the terminal and, if necessary, spy on the user’s conversations or film him without his knowledge. An attack that the researchers called “ALHACK”, in reference to the Apple format.
Qualcomm and MediaTek being the main codec suppliers in the Android smartphone market, these flaws affect tens of millions of devices.
For 2021 alone, Check Point estimates that two-thirds of Android smartphones sold are vulnerable. The good news is that both manufacturers released patches last December. It is now to be hoped that manufacturers have integrated them into their updates since then.
Also see video:
Check Point should give technical details on these flaws next May, during the CanSecWest 2022 conference. What we already know, however, is that these flaws come from the version open-source of the ALAC codec that Apple released in 2011.
This shared code allows non-Apple devices to support this audio format. The problem is that no one really cares about it. According to Check Point, it has never had any security patches, while the proprietary version used by Apple continues to be updated regularly. A negligence whose harmful consequences are now being felt.
Source : check point