CVE-2017-5624

Name of the Vulnerable Software and Affected Versions OxygenOS versions prior to 4.0.3

Description An issue in OxygenOS allows an attacker to persistently disable dm-verity, which is used by the kernel to verify the system partition, by issuing the fastboot oem disable dm verity command. This may allow for persistent code execution and privilege escalation. The vulnerability is related to insufficient access control and can be exploited remotely to gain root privileges and block warnings about system partition replacement.

Recommendations For OxygenOS versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the fastboot oem disable dm verity command to minimize the risk of exploitation.