Syncframe explodes into the Dolby Unified Decoder. Boom. Arbitrary code execution in mediacodec context, Pixel 9 owned—zero clicks.
Google Messages auto-decodes incoming RCS audio attachments now, a ‘feature’ for transcription that bloats the 0-click attack surface on Android phones. Vendors ship this Dolby blob blindly, statically linked into libcodec2_soft_ddpdec.so on the Pixel 9. Project Zero’s team—Maddie Stone, Ivan Fratric, Seth Jenkins—didn’t just find bugs. They chained them into a full exploit, proving skeptics wrong.
Pixel 9’s Dolby Nightmare: CVE-2025-54957
DD+ bitstream. Syncframes. Audio blocks. Sounds innocent, right? Wrong. The spec lets the decoder copy up to 0x1FF bytes per block into a skip buffer—EMDF format, synced on ‘X8’. But craft that buffer slyly, and variable_bits parsing goes haywire, ripe for overflow or whatever chaos you fancy.
Here’s the spec snippet that dooms it:
Syntax              Number of bits
skiple              1
if (skiple) {
    skipl           9
    skipfld         9 * 8
}
That skipfld? Straight bitstream slurp into the buffer. No checks. EMDF syncword hunts follow, but if you control the flow—game over.
Project Zero exploited this for code exec in the sandboxed mediacodec process. Not theoretical. Real. And fixed January 5, 2026—too late for devices lingering on old patches.
Short paragraphs bore me. This one’s dense: The UDC, shipped as a binary blob to OEMs, lacks symbols, hides its guts. Android’s auto-decoding push—AI transcription, search—means every SMS audio clip triggers it pre-open. Combine with driver bugs like CVE-2025-36934 (a Pixel 9 kernel privilege-escalation bug), and you’ve got root from a message. Vendors questioned exploitability. Project Zero answered with receipts.
Why Does Android’s 0-Click Surface Keep Growing?
Auto-features sound slick. Decode media silently for smarts. But it’s a buffet for attackers. Monkey’s Audio on Samsung fell first (CVE-2025-49415). Now Dolby everywhere—Android, iOS, Windows. Pixels hit hardest here.
One punch: Sandboxed? Sure. Useful? Damn right—for pivoting to kernel.
Recall Stagefright, 2015? MMS videos owned Nexus devices remotely. This echoes louder—RCS ubiquity, AI hype amplifying risks. Android’s mitigations—sandboxing, verified boot—hold, but media decoders and drivers poke holes. Project Zero’s chain tests them brutally.
“We hope this research will help defenders better understand how these attacks work in the wild, the strengths and weaknesses of Android’s security features with regards to preventing such attacks, and the importance of remediating media and driver vulnerabilities on mobile devices.”
Straight from the post. Noble. But Google’s PR spin? Patches dropped months post-discovery. Users wait on OTA roulette.
Can Attackers Really Chain This to Root?
Part 2 promises the kernel jump via CVE-2025-36934—a driver leak from mediacodec sandbox. Sandbox escapes aren’t myths; they’re math. Pixels tightened post-ForcedEntry, but drivers lag.
Unique angle: This mirrors NSO’s early chains, pre-Lockdown mitigations. Back then, WhatsApp calls triggered decoders. Today, Messages does RCS audio. Prediction—without holistic fixes, 0-click RCS exploits spike 3x by 2027, as AI media parsing spreads to iMessage too.
Corporate hype calls these ‘edge cases.’ Bull. Billions decode daily. One bad clip, phone pwned.
Deep dive time. variable_bits pseudocode:
variable_bits (n_bits) {
    value = 0;
    do {
        value += read n_bits          /* pull n_bits from the stream and accumulate */
        read_more 1                   /* one flag bit: does another chunk follow? */
        if (read_more) {
            value <<= n_bits;         /* no cap on rounds, none on value's width */
            value += (1<<n_bits);
        }
    } while (read_more);
    return value;
}
Loop uncontrolled? Overflow heaven. EMDF containers chain payloads—version, key_id extensions via more variable_bits. Stack the deck, smash the parser.
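To make that concrete, here is an added C example (mine, not Project Zero’s or Dolby’s code): the spec pseudocode transcribed over a small bit reader, beside a bounds-checked variant. The bit reader, the function names and the test vector are constructed for illustration, not taken from the UDC.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
/* Minimal MSB-first bit reader over a bounded buffer (constructed for this example). */
typedef struct { const uint8_t *buf; size_t nbits; size_t pos; } bitreader_t;
static int read_bits(bitreader_t *br, unsigned n, uint32_t *out) {
    if (n > 32 || br->pos + n > br->nbits) return -1;   /* never read past the end */
    for (*out = 0; n--; br->pos++)
        *out = (*out << 1) | ((br->buf[br->pos >> 3] >> (7 - (br->pos & 7))) & 1);
    return 0;
}
/* variable_bits() as in the spec pseudocode: loops while read_more is set, no bound on value. */
uint32_t variable_bits_spec(bitreader_t *br, unsigned n_bits) {
    uint32_t value = 0, read_more = 0, chunk;
    do {
        if (read_bits(br, n_bits, &chunk)) break;
        value += chunk;
        if (read_bits(br, 1, &read_more)) break;
        if (read_more) {
            value <<= n_bits;      /* high bits silently wrap off once value passes 32 bits */
            value += (1u << n_bits);
        }
    } while (read_more);
    return value;
}
/* Hardened variant: same wire format, but n_bits is restricted and every round is checked
 * against max_value, so a hostile stream is rejected instead of wrapping. */
bool variable_bits_checked(bitreader_t *br, unsigned n_bits, uint32_t max_value, uint32_t *out) {
    if (n_bits == 0 || n_bits > 16) return false;  /* keeps the 64-bit accumulator exact */
    uint64_t value = 0; uint32_t chunk, read_more;
    do {
        if (read_bits(br, n_bits, &chunk)) return false;
        value += chunk;
        if (read_bits(br, 1, &read_more)) return false;
        if (read_more) value = (value << n_bits) + (1ull << n_bits);
        if (value > max_value) return false;       /* stop before it can grow further */
    } while (read_more);
    *out = (uint32_t)value;
    return true;
}
/* Constructed vector: six rounds of chunk 0xFF (n_bits 8), read_more set on the first five. */
static const uint8_t kLongStream[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF8};
uint32_t demo_spec_wraps(void) {
    bitreader_t br = {kLongStream, sizeof kLongStream * 8, 0};
    return variable_bits_spec(&br, 8);     /* 0x010100FF, though the true value needs ~49 bits */
}
bool demo_checked_rejects(void) {
    bitreader_t br = {kLongStream, sizeof kLongStream * 8, 0}; uint32_t v;
    return variable_bits_checked(&br, 8, UINT32_MAX, &v);   /* false: rejected on round 3 */
}
```

The same seven bytes give the spec version a plausible-looking 32-bit result while the checked version refuses them, which is the difference between a parser that can be steered and one that fails closed.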
On Pixel 9, UDC nests in vendor/lib64. Sandboxed, yes. But adjacent drivers? Seth Jenkins found the seam.
Vendors’ Denial Crumbles
Questions flew: ‘Exploitable? 0-click for normies? Useful post-exec?’ Project Zero built the chain. Mediacodec code exec pivots—data exfil, keylogging, privilege escalation. Platforms must harden decoders, isolate drivers, and make auto-decode opt-in instead of on by default.
Humor in the horror: Dolby Atmos promises immersion. Here, it immerses attackers.
Part 3 lessons loom. Expect mitigations critique—Android’s blob reliance bites.
Frequently Asked Questions
What is CVE-2025-54957?
Buffer mishandling in Dolby UDC’s skip buffer parsing, leading to code exec on DD+ audio decode.
Is my Pixel 9 safe from 0-click Dolby exploits?
Patch January 2026 or later—check Settings > System > System update. Unpatched? Vulnerable.
How do 0-click attacks work on Android Messages?
RCS audio auto-decodes for transcription, hitting flaws pre-user open.