Vulnerability Description
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot oem disable_dm_verity' command. Having dm-verity disabled, the kernel will not verify the system partition (and any other dm-verity protected partition), which may allow for persistent code execution and privilege escalation.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| OnePlus | OxygenOS | <= 4.0.2 |
| OnePlus | OnePlus 3 | - |
| OnePlus | OnePlus 3T | - |
References
- https://securityresear.ch/2017/02/08/oneplus3-bootloader-vulns/ (Exploit, Technical Description, Third Party Advisory)
FAQ
What is CVE-2017-5624?
CVE-2017-5624 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot o...
How severe is CVE-2017-5624?
CVE-2017-5624 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-5624?
Check the references section above for vendor advisories and patch information. Affected products include: OnePlus OxygenOS, OnePlus 3, OnePlus 3T.