Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2016.0071
Multiple vulnerabilities have been identified in Android
7 July 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Google Nexus devices
Operating System: Android
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Increased Privileges -- Remote with User Interaction
Access Privileged Data -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2016-3818 CVE-2016-3816 CVE-2016-3815
CVE-2016-3814 CVE-2016-3813 CVE-2016-3812
CVE-2016-3811 CVE-2016-3810 CVE-2016-3809
CVE-2016-3808 CVE-2016-3807 CVE-2016-3806
CVE-2016-3805 CVE-2016-3804 CVE-2016-3803
CVE-2016-3802 CVE-2016-3801 CVE-2016-3800
CVE-2016-3799 CVE-2016-3798 CVE-2016-3797
CVE-2016-3796 CVE-2016-3795 CVE-2016-3794
CVE-2016-3793 CVE-2016-3792 CVE-2016-3775
CVE-2016-3774 CVE-2016-3773 CVE-2016-3772
CVE-2016-3771 CVE-2016-3770 CVE-2016-3769
CVE-2016-3768 CVE-2016-3767 CVE-2016-3766
CVE-2016-3765 CVE-2016-3764 CVE-2016-3763
CVE-2016-3762 CVE-2016-3761 CVE-2016-3760
CVE-2016-3759 CVE-2016-3758 CVE-2016-3757
CVE-2016-3756 CVE-2016-3755 CVE-2016-3754
CVE-2016-3753 CVE-2016-3752 CVE-2016-3751
CVE-2016-3750 CVE-2016-3749 CVE-2016-3748
CVE-2016-3747 CVE-2016-3746 CVE-2016-3745
CVE-2016-3744 CVE-2016-3743 CVE-2016-3742
CVE-2016-3741 CVE-2016-2508 CVE-2016-2507
CVE-2016-2506 CVE-2016-2505 CVE-2016-2503
CVE-2016-2502 CVE-2016-2501 CVE-2016-2108
CVE-2016-2107 CVE-2016-2068 CVE-2016-2067
CVE-2016-0723 CVE-2015-8893 CVE-2015-8892
CVE-2015-8891 CVE-2015-8890 CVE-2015-8889
CVE-2015-8888 CVE-2015-8816 CVE-2014-9803
CVE-2014-9802 CVE-2014-9801 CVE-2014-9800
CVE-2014-9799 CVE-2014-9798 CVE-2014-9797
CVE-2014-9796 CVE-2014-9795 CVE-2014-9794
CVE-2014-9793 CVE-2014-9792 CVE-2014-9791
CVE-2014-9790 CVE-2014-9789 CVE-2014-9788
CVE-2014-9787 CVE-2014-9786 CVE-2014-9785
CVE-2014-9784 CVE-2014-9783 CVE-2014-9782
CVE-2014-9781 CVE-2014-9780 CVE-2014-9779
CVE-2014-9778 CVE-2014-9777
Member content until: Saturday, August 6 2016
OVERVIEW
Multiple vulnerabilities have been identified in Android versions
4.4.4, 5.0.2, 5.1.1, 6.0, and 6.0.1. [1]
IMPACT
The vendor has provided the following information:
2016-07-01 security patch level - Security vulnerability details:
"Remote code execution vulnerability in Mediaserver
A remote code execution vulnerability in Mediaserver could enable an
attacker using a specially crafted file to cause memory corruption
during media file and data processing. This issue is rated as
Critical due to the possibility of remote code execution within the
context of the Mediaserver process. The Mediaserver process has
access to audio and video streams, as well as access to privileges
that third-party apps could not normally access.
The affected functionality is provided as a core part of the
operating system and there are multiple applications that allow it
to be reached with remote content, most notably MMS and browser
playback of media.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-2506 A-28175045 Critical All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 11, 2016
CVE-2016-2505 A-28333006 Critical All Nexus 6.0, 6.0.1 Apr 21, 2016
CVE-2016-2507 A-28532266 Critical All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 May 2, 2016
CVE-2016-2508 A-28799341 Critical All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 May 16, 2016
CVE-2016-3741 A-28165661 Critical All Nexus 6.0, 6.0.1 Google internal
CVE-2016-3742 A-28165659 Critical All Nexus 6.0, 6.0.1 Google internal
CVE-2016-3743 A-27907656 Critical All Nexus 6.0, 6.0.1 Google internal
Remote code execution vulnerability in OpenSSL & BoringSSL
A remote code execution vulnerability in OpenSSL and BoringSSL could
enable an attacker using a specially crafted file to cause memory
corruption during file and data processing. This issue is rated as
Critical due to the possibility of remote code execution within the
context of an affected process.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-2108 A-28175332 Critical All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 May 3, 2016
Remote code execution vulnerability in Bluetooth
A remote code execution vulnerability in Bluetooth could allow a
proximal attacker to execute arbitrary code during the pairing
process. This issue is rated as High due to the possibility of
remote code execution during the initialization of a Bluetooth
device.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3744 A-27930580 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Mar 30, 2016
Elevation of privilege vulnerability in libpng
An elevation of privilege vulnerability in libpng could enable a
local malicious application to execute arbitrary code within the
context of an elevated system application. This issue is rated as
High because it could be used to gain local access to elevated
capabilities, such as Signature or SignatureOrSystem permissions
privileges, which are not accessible to a third-party application.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3751 A-23265085 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Dec 3, 2015
Elevation of privilege vulnerability in Mediaserver
An elevation of privilege vulnerability in Mediaserver could enable
a local malicious application to execute arbitrary code within the
context of an elevated system application. This issue is rated as
High because it could be used to gain local access to elevated
capabilities, such as Signature or SignatureOrSystem permissions
privileges, which are not accessible to a third-party application.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3745 A-28173666 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 10, 2016
CVE-2016-3746 A-27890802 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Mar 27, 2016
CVE-2016-3747 A-27903498 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Mar 28, 2016
Elevation of privilege vulnerability in sockets
An elevation of privilege vulnerability in sockets could enable a
local malicious application to access system calls outside of its
permissions level. This issue is rated as High because it could
permit a bypass of security measures in place to increase the
difficulty of attackers exploiting the platform.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3748 A-28171804 High All Nexus 6.0, 6.0.1 Apr 13, 2016
Elevation of privilege vulnerability in LockSettingsService
An elevation of privilege vulnerability in the LockSettingsService
could enable a malicious application to reset the screen lock
password without authorization from the user. This issue is rated as
High because it is a local bypass of user interaction requirements
for any developer or security settings modifications.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3749 A-28163930 High All Nexus 6.0, 6.0.1 Google internal
Elevation of privilege vulnerability in Framework APIs
An elevation of privilege vulnerability in the Parcels Framework
APIs could enable a local malicious application to bypass operating
system protections that isolate application data from other
applications. This issue is rated as High because it could be used
to gain access to data that the application does not have access to.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3750 A-28395952 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Google internal
Elevation of privilege vulnerability in ChooserTarget service
An elevation of privilege vulnerability in the ChooserTarget service
could enable a local malicious application to execute code in the
context of another application. This issue is rated High because it
could be used to access Activities belonging to another application
without permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3752 A-28384423 High All Nexus 6.0, 6.0.1 Google internal
Information disclosure vulnerability in Mediaserver
An information disclosure vulnerability in Mediaserver could enable
a remote attacker to access protected data normally only accessible
to locally installed apps that request permission. This issue is
rated as High because it could be used to access data without
permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3753 A-27210135 High None* 4.4.4 Feb 15, 2016
* Supported Nexus devices that have installed all available updates
are not affected by this vulnerability.
Information disclosure vulnerability in OpenSSL
An information disclosure vulnerability in OpenSSL could enable a
remote attacker to access protected data normally only accessible to
locally installed apps that request permission. This issue is rated
as High because it could be used to access data without permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-2107 A-28550804 High None* 4.4.4, 5.0.2, 5.1.1 April 13, 2016
* Supported Nexus devices that have installed all available updates
are not affected by this vulnerability.
Denial of service vulnerability in Mediaserver
A denial of service vulnerability in Mediaserver could enable an
attacker to use a specially crafted file to cause a device hang or
reboot. This issue is rated as High due to the possibility of a
temporary remote denial of service.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3754 A-28615448 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 May 5, 2016
CVE-2016-3755 A-28470138 High All Nexus 6.0, 6.0.1 Apr 29, 2016
CVE-2016-3756 A-28556125 High All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Google internal
Denial of service vulnerability in libc
A denial of service vulnerability in libc could enable an attacker
to use a specially crafted file to cause a device hang or reboot.
This issue is rated as High due to the possibility of remote denial
of service.
CVE References Severity Updated Nexus devices Updated AOSP versions D ate reported
CVE-2016-3818 A-28740702 High None* 4.4.4 Google internal
* Supported Nexus devices that have installed all available updates
are not affected by this vulnerability.
Elevation of privilege vulnerability in lsof
An elevation of privilege vulnerability in lsof could enable a local
malicious application to execute arbitrary code that could lead to a
permanent device compromise. This issue is rated as Moderate because
it requires uncommon manual steps.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3757 A-28175237 Moderate All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 11, 2016
Elevation of privilege vulnerability in DexClassLoader
An elevation of privilege vulnerability in the DexClassLoader could
enable a local malicious application to execute arbitrary code
within the context of a privileged process. This issue is rated as
Moderate because it requires uncommon manual steps.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3758 A-27840771 Moderate All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Google internal
Elevation of privilege vulnerability in Framework APIs
An elevation of privilege vulnerability in the Framework APIs could
enable a local malicious application to request backup permissions
and intercept all backup data. This issue is rated as Moderate
because it requires specific permissions to bypass operating system
protections that isolate application data from other applications.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3759 A-28406080 Moderate All Nexus 5.0.2, 5.1.1, 6.0, 6.0.1 Google internal
Elevation of privilege vulnerability in Bluetooth
An elevation of privilege vulnerability in the Bluetooth component
could enable a local attacker to add an authenticated Bluetooth
device that persists for the primary user. This issue is rated as
Moderate because it could be used to gain elevated capabilities
without explicit user permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3760 A-27410683 Moderate All Nexus 5.0.2, 5.1.1, 6.0, 6.0.1 Feb 29, 2016
Elevation of privilege vulnerability in NFC
An elevation of privilege vulnerability in NFC could enable a local
malicious background application to access information from a
foreground application. This issue is rated as Moderate because it
could be used to gain elevated capabilities without explicit user
permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3761 A-28300969 Moderate All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 20, 2016
Elevation of privilege vulnerability in sockets
An elevation of privilege vulnerability in sockets could enable a
local malicious application to gain access to certain uncommon
socket types possibly leading to arbitrary code execution within the
context of the kernel. This issue is rated as Moderate because it
could permit a bypass of security measures in place to increase the
difficulty of attackers exploiting the platform.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3762 A-28612709 Moderate All Nexus 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 21, 2016
Information disclosure vulnerability in Proxy Auto-Config
An information disclosure vulnerability in the Proxy Auto-Config
component could allow an application to access sensitive
information. This issue is rated Moderate because it could be used
to access data without permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3763 A-27593919 Moderate All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Mar 10, 2016
Information disclosure vulnerability in Mediaserver
An information disclosure vulnerability in Mediaserver could allow a
local malicious application to access sensitive information. This
issue is rated as Moderate because it could be used to access data
without permission.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3764 A-28377502 Moderate All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 25, 2016
CVE-2016-3765 A-28168413 Moderate All Nexus 6.0, 6.0.1 Apr 8, 2016
Denial of service vulnerability in Mediaserver
A denial of service vulnerability in Mediaserver could enable an
attacker to use a specially crafted file to cause a device hang or
reboot. This issue is rated as Moderate due to the possibility of
remote denial of service.
CVE References Severity Updated Nexus devices Updated AOSP versions Date reported
CVE-2016-3766 A-28471206 Moderate All Nexus 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 Apr 29, 2016" [1]
2016-07-05 security patch level - Vulnerability details:
"Elevation of privilege vulnerability in Qualcomm GPU driver
An elevation of privilege vulnerability in the Qualcomm GPU driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Critical
due to the possibility of a local permanent device compromise, which
may require reflashing the operating system to repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-2503 A-28084795* QC-CR1006067 Critical Nexus 5X, Nexus 6P Apr 5, 2016
CVE-2016-2067 A-28305757 QC-CR988993 Critical Nexus 5X, Nexus 6, Nexus 6P Apr 20, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek Wi-Fi driver
An elevation of privilege vulnerability in the MediaTek Wi-Fi driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Critical
due to the possibility of a local permanent device compromise, which
may require reflashing the operating system to repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3767 A-28169363* M-ALPS02689526 Critical Android One Apr 6,2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in Qualcomm performance
component
An elevation of privilege vulnerability in the Qualcomm performance
component could enable a local malicious application to execute
arbitrary code within the context of the kernel. This issue is rated
as Critical severity due to the possibility of a local permanent
device compromise, which may require reflashing the operating system
to repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3768 A-28172137* QC-CR1010644 Critical Nexus 5, Nexus 6, Nexus 5X, Nexus 6P, Nexus 7 (2013) Apr 9, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in NVIDIA video driver
An elevation of privilege vulnerability in the NVIDIA video driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Critical
due to the possibility of a local permanent device compromise, which
may require reflashing the operating system to repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3769 A-28376656* N-CVE20163769 Critical Nexus 9 Apr 18, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek drivers (Device
specific)
An elevation of privilege vulnerability in multiple MediaTek drivers
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Critical
due to the possibility of a local permanent device compromise, which
may require reflashing the operating system to repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3770 A-28346752* M-ALPS02703102 Critical Android One Apr 22, 2016
CVE-2016-3771 A-29007611* M-ALPS02703102 Critical Android One Apr 22, 2016
CVE-2016-3772 A-29008188* M-ALPS02703102 Critical Android One Apr 22, 2016
CVE-2016-3773 A-29008363* M-ALPS02703102 Critical Android One Apr 22, 2016
CVE-2016-3774 A-29008609* M-ALPS02703102 Critical Android One Apr 22, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in kernel file system
An elevation of privilege vulnerability in the kernel file system
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Critical
due to the possibility of a local permanent device compromise, which
may require reflashing the operating system to repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3775 A-28588279* Critical Nexus 5X, Nexus 6, Nexus 6P and Nexus Player, Pixel C May 4, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in USB driver
An elevation of privilege vulnerability in the USB driver could
enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Critical
severity due to the possibility of a local permanent device
compromise, which may require reflashing the operating system to
repair the device.
CVE References Severity Updated Nexus devices Date reported
CVE-2015-8816 A-28712303* Critical Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, Pixel C May 4, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in Qualcomm components
The table below contains security vulnerabilities affecting Qualcomm
components including the bootloader, camera driver, character drive,
networking, sound driver and video driver.
The most severe of these issues is rated as Critical due to
possibility of arbitrary code execution leading to the possibility
of a local permanent device compromise, which may require reflashing
the operating system to repair the device.
CVE References Severity* Updated Nexus devices Date reported
CVE-2014-9795 A-28820720 QC-CR681957 Critical Nexus 5 Aug 8, 2014
CVE-2014-9794 A-28821172 QC-CR646385 Critical Nexus 7 (2013) Aug 8,2014
CVE-2015-8892 A-28822807 QC-CR902998 Critical Nexus 5X, Nexus 6P Dec 30, 2015
CVE-2014-9781 A-28410333 QC-CR556471 High Nexus 7 (2013) Feb 6, 2014
CVE-2014-9786 A-28557260 QC-CR545979 High Nexus 5, Nexus 7 (2013) Mar 13, 2014
CVE-2014-9788 A-28573112 QC-CR548872 High Nexus 5 Mar 13, 2014
CVE-2014-9779 A-28598347 QC-CR548679 High Nexus 5 Mar 13, 2014
CVE-2014-9780 A-28602014 QC-CR542222 High Nexus 5, Nexus 5X, Nexus 6P Mar 13, 2014
CVE-2014-9789 A-28749392 QC-CR556425 High Nexus 5 Mar 13, 2014
CVE-2014-9793 A-28821253 QC-CR580567 High Nexus 7 (2013) Mar 13, 2014
CVE-2014-9782 A-28431531 QC-CR511349 High Nexus 5, Nexus 7 (2013) Mar 31, 2014
CVE-2014-9783 A-28441831 QC-CR511382 High Nexus 7 (2013) Mar 31,2014
CVE-2014-9785 A-28469042 QC-CR545747 High Nexus 7 (2013) Mar 31, 2014
CVE-2014-9787 A-28571496 QC-CR545764 High Nexus 7 (2013) Mar 31, 2014
CVE-2014-9784 A-28442449 QC-CR585147 High Nexus 5, Nexus 7 (2013) Apr 30, 2014
CVE-2014-9777 A-28598501 QC-CR563654 High Nexus 5, Nexus 7 (2013) Apr 30, 2014
CVE-2014-9778 A-28598515 QC-CR563694 High Nexus 5, Nexus 7 (2013) Apr 30, 2014
CVE-2014-9790 A-28769136 QC-CR545716 High Nexus 5, Nexus 7 (2013) Apr 30, 2014
CVE-2014-9792 A-28769399 QC-CR550606 High Nexus 5 Apr 30, 2014
CVE-2014-9797 A-28821090 QC-CR674071 High Nexus 5 Jul 3, 2014
CVE-2014-9791 A-28803396 QC-CR659364 High Nexus 7 (2013) Aug 29, 2014
CVE-2014-9796 A-28820722 QC-CR684756 High Nexus 5, Nexus 7 (2013) Sep 30, 2014
CVE-2014-9800 A-28822150 QC-CR692478 High Nexus 5, Nexus 7 (2013) Oct 31, 2014
CVE-2014-9799 A-28821731 QC-CR691916 High Nexus 5, Nexus 7 (2013) Oct 31, 2014
CVE-2014-9801 A-28822060 QC-CR705078 High Nexus 5 Nov 28, 2014
CVE-2014-9802 A-28821965 QC-CR705108 High Nexus 5, Nexus 7 (2013) Dec 31, 2014
CVE-2015-8891 A-28842418 QC-CR813930 High Nexus 5, Nexus 7 (2013) May 29, 2015
CVE-2015-8888 A-28822465 QC-CR813933 High Nexus 5 Jun 30, 2015
CVE-2015-8889 A-28822677 QC-CR804067 High Nexus 6P Jun 30, 2015
CVE-2015-8890 A-28822878 QC-CR823461 High Nexus 5, Nexus 7 (2013) Aug 19, 2015
* The severity rating for these issues is provided directly by
Qualcomm.
Elevation of privilege vulnerability in Qualcomm USB driver
An elevation of privilege vulnerability in the Qualcomm USB driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-2502 A-27657963 QC-CR997044 High Nexus 5X, Nexus 6P Mar 11,2016
Elevation of privilege vulnerability in Qualcomm Wi-Fi driver
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3792 A-27725204 QC-CR561022 High Nexus 7 (2013) Mar 17, 2016
Elevation of privilege vulnerability in Qualcomm camera driver
An elevation of privilege vulnerability in the Qualcomm camera
driver could enable a local malicious application to execute
arbitrary code within the context of the kernel. This issue is rated
as High because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-2501 A-27890772* QC-CR1001092 High Nexus 5X, Nexus 6, Nexus6P, Nexus 7 (2013) Mar 27, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in NVIDIA camera driver
An elevation of privilege vulnerability in the NVIDIA camera driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3793 A-28026625* N-CVE20163793 High Nexus 9 Apr 5, 2016
CVE-2016-3794 A-28522227* N-CVE20163794 High Nexus 9 May 1, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek power driver
An elevation of privilege in the MediaTek power driver could enable
a local malicious application to execute arbitrary code within the
context of the kernel. This issue is rated as High because it first
requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3795 A-28085222* M-ALPS02677244 High Android One Apr 7, 2016
CVE-2016-3796 A-29008443* M-ALPS02677244 High Android One Apr 7, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in Qualcomm Wi-Fi driver
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3797 A-28085680* QC-CR1001450 High Nexus 5X Apr 7, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek hardware sensor
driver
An elevation of privilege vulnerability in the MediaTek hardware
sensor driver could enable a local malicious application to execute
arbitrary code within the context of the kernel. This issue is rated
as High because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3798 A-28174490* M-ALPS02703105 High Android One Apr 11, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek video driver
An elevation of privilege vulnerability in the MediaTek video driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3799 A-28175025* M-ALPS02693738 High Android One Apr 11, 2016
CVE-2016-3800 A-28175027* M-ALPS02693739 High Android One Apr 11, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek GPS driver
An elevation of privilege vulnerability in the MediaTek GPS driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3801 A-28174914* M-ALPS02688853 High Android One Apr 11, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in kernel file system
An elevation of privilege vulnerability in the kernel file system
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3802 A-28271368* High Nexus 9 Apr 19, 2016
CVE-2016-3803 A-28588434* High Nexus 5X, Nexus 6P May 4, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek power management
driver
An elevation of privilege in the MediaTek power management driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3804 A-28332766* M-ALPS02694410 High Android One Apr 20, 2016
CVE-2016-3805 A-28333002* M-ALPS02694412 High Android One Apr 21, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in MediaTek display driver
An elevation of privilege vulnerability in the MediaTek display
driver could enable a local malicious application to execute
arbitrary code within the context of the kernel. This issue is rated
as High because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3806 A-28402341* M-ALPS02715341 High Android One Apr 26, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in serial peripheral interface
driver
An elevation of privilege vulnerability in the serial peripheral
interface driver could enable a local malicious application to
execute arbitrary code within the context of the kernel. This issue
is rated as High because it first requires compromising a privileged
process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3807 A-28402196* High Nexus 5X, Nexus 6P Apr 26, 2016
CVE-2016-3808 A-28430009* High Pixel C Apr 26, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in Qualcomm sound driver
An elevation of privilege vulnerability in the Qualcomm sound driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as High
severity because it first requires compromising a privileged
process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-2068 A-28470967 QC-CR1006609 High Nexus 5, Nexus 5X, Nexus 6, Nexus 6P Apr 28, 2016
Elevation of privilege vulnerability in kernel
An elevation of privilege vulnerability in the kernel could enable a
local malicious application to execute arbitrary code within the
context of the kernel. This issue is rated as High because it first
requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2014-9803 A-28557020 Upstream kernel High Nexus 5X, Nexus 6P Google internal
Information disclosure vulnerability in networking component
An information disclosure vulnerability in the networking component
could enable a local malicious application to access data outside of
its permission levels. This issue is rated as High because it could
be used to access sensitive data without explicit user permission.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3809 A-27532522* High All Nexus Mar 5, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Information disclosure vulnerability in MediaTek Wi-Fi driver
An information disclosure vulnerability in the MediaTek Wi-Fi driver
could enable a local malicious application to access data outside of
its permission levels. This issue is rated as High because it could
be used to access sensitive data without explicit user permission.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3810 A-28175522* M-ALPS02694389 High Android One Apr 12, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Elevation of privilege vulnerability in kernel video driver
An elevation of privilege vulnerability in the kernel video driver
could enable a local malicious application to execute arbitrary code
within the context of the kernel. This issue is rated as Moderate
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3811 A-28447556* Moderate Nexus 9 Google internal
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Information disclosure vulnerability in MediaTek video codec driver
An information disclosure vulnerability in the MediaTek video codec
driver could enable a local malicious application to access data
outside of its permission levels. This issue is rated as Moderate
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3812 A-28174833* M-ALPS02688832 Moderate Android One Apr 11, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Information disclosure vulnerability in Qualcomm USB driver
An information disclosure vulnerability in the Qualcomm USB driver
could enable a local malicious application to access data outside of
its permission levels. This issue is rated as Moderate because it
first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3813 A-28172322* QC-CR1010222 Moderate Nexus 5, Nexus 5X, Nexus 6, Nexus 6P Apr 11, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Information disclosure vulnerability in NVIDIA camera driver
An information disclosure vulnerability in the NVIDIA camera driver
could enable a local malicious application to access data outside of
its permission levels. This issue is rated as Moderate because it
first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3814 A-28193342* N-CVE20163814 Moderate Nexus 9 Apr 14, 2016
CVE-2016-3815 A-28522274* N-CVE20163815 Moderate Nexus 9 May 1, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Information disclosure vulnerability in MediaTek display driver
An information disclosure vulnerability in the MediaTek display
driver could enable a local malicious application to access data
outside of its permission levels. This issue is rated as Moderate
because it first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-3816 A-28402240* Moderate Android One Apr 26, 2016
* The patch for this issue is not publicly available. The update is
contained in the latest binary drivers for Nexus devices available
from the Google Developer site.
Information disclosure vulnerability in kernel teletype driver
An information disclosure vulnerability in the teletype driver could
enable a local malicious application to access data outside of its
permission levels. This issue is rated as Moderate because it first
requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2016-0723 A-28409131 Upstream kernel Moderate Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, Pixel C Apr 26, 2016
Denial of service vulnerability in Qualcomm bootloader
A denial of service vulnerability in the Qualcomm bootloader could
enable a local malicious application to cause a local permanent
device compromise, which may require reflashing the operating system
to repair the device. This issue is rated as Moderate because it
first requires compromising a privileged process.
CVE References Severity Updated Nexus devices Date reported
CVE-2014-9798 A-28821448 QC-CR681965 Moderate Nexus 5 Oct 31, 2014
CVE-2015-8893 A-28822690 QC-CR822275 Moderate Nexus 5, Nexus 7 (2013) Aug 19, 2015" [1]
MITIGATION
Google advises it has released Over The Air (OTA) updates for Nexus,
and partner updates are expected to be released to the Android Open
Source Project (AOSP) shortly. Android users are advised to update
to the latest versions to address these issues. [1]
REFERENCES
[1] Android Security Bulletin - July 2016
https://source.android.com/security/bulletin/2016-07-01.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBV33v24x+lLeg9Ub1AQhlNQ//VnvvYMbZRXv/oBzGPm66MRkQ6KhnLlYd
8IsiIzbLGHelTjxxkLHMTLKL4/vSK5QxGZVMJblvLSiDZExtSC1NFQAUXLByGdGH
+jj7BAkjDNLDCkt96DZm5MJcaboaA0qEzvOLJstgRwExRdfkHfp3A6EiJ2dsz6SP
0QLcL6JaR5g4eM9hgbsri8GJKIcx8cPX/elyWsDJD9T4OxAm+IQ/NRT9yRW46FdO
ikWXUxKRlv8pjlztoo6g3ZNyuNb627FJ9YFqkeAeRaNsDaXS7jxxrANxTGWhxzLc
2fn7YlhCUHnhAg+ky0pFszhcmxFFer2/QTx61Sh7NJOFINxDXeHtwhVzS14R09f9
+YOCqnWGd4q8mkxU02tDa4z5HOtk1md7bkdtDalmkR9GE7nULtWtyfuJYhTSR+Vd
E4xC43vYutmllGWF6Cqrt5Itt+0j1/b32Ef71cSi/pMkCEUJJlO86VQeaHg6/0j9
GEK0lB1jvNaPew7tDgu5gxylFnBInbtPJDkkswE66CgE8JX0GERvtzYUl+byBNAM
q/3EtDm+QiIUzjKU2wkg2DaeC+Uw59DHWsi1FexV4jE7w7tvYDPuzIt2iufTjaa5
t35u19hSnkZxwI5LiUzn9MnSWPiAPV4q2YeIIUeskUIILJt8+9TxR+DL3Z0qiFG0
pzmXcbmHv9c=
=nE/f
-----END PGP SIGNATURE-----