This repo contains the code of the exploits and the security patches we developed for the CVEs used in the paper "VirtualPatch: Fixing Android Security Vulnerabilities through Application-Level Virtualization".

| CVE entry | Patch | Exploit |
| --- | --- | --- |
| CVE-2019-9376 | accountpatch | shiva |
| CVE-2021-0313 | MinikinPatch | nobreak |
| CVE-2021-0604 | BtMMSPatch | btmms |
| CVE-2021-0444 | LeakContactPatch | LeakContact |
| CVE-2021-0341 | okhttppatch | - |
| CVE-2021-0521 | PackagesPatch | AllApplications |
| CVE-2021-0591 | BroadcastHijackPatch | BroadcastHijack |
| CVE-2018-9493 | DownloadManagerSQLiPatch | DownloadManagerSQLi |
| CVE-2018-9452 | DoSWidthCalculationPatch | DoSWidthCalculation |
| CVE-2018-9525 | not needed | ChangeDeviceSettings |
| CVE-2018-9548 | ContentProviderUriValidationPatch | ContentProviderUriValidation |
| CVE-2021-0931 | BluetoothAliasPatch | BluetoothAlias |
| CVE-2018-9582 | not needed | PackageInstallerSpoofing |
| CVE-2019-2003 | LinkPhishingPatch | LinkPhishing |
| CVE-2019-2232 | TextLineDoSPatch | TextLineDoS |
| CVE-2018-9467 | HostnameParsingPatch | HostnameParsing |
| CVE-2020-0239 | DocumentMetadataPatch | DocumentMetadataLeak |
| CVE-2020-0441 | NotificationDOSPatch | LongNotificationDOS |
| CVE-2020-0459 | not needed | NetworkInfoLeaker |
| CVE-2020-0391 | not needed | UnprotectedBroadcastPixel |
| CVE-2021-1929 | not needed | QualcomQmmiLeaker |
| CVE-2020-0014 | ClickableToastPatch | MaliciousToast |
| CVE-2019-2137 | EndCallPatch | EndCallAttack |
| CVE-2020-0443 | SettingsProviderPatch | LocaleBootloop |
| CVE-2021-0597 | not needed | SIPLeaker |

Some CVEs do not require a patch (marked "not needed" above) because VirtualApp's implementation of app-level virtualization prevents the exploits by design. For instance, only certain Broadcasts are delivered to or forwarded from apps running inside the virtual environment, so exploits that rely on other Broadcast messages are blocked by default.