Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2018.0209
Multiple security vulnerabilities have been identified in the Android OS
7 September 2018
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Google Android devices
Operating System: Android
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Increased Privileges -- Remote with User Interaction
Denial of Service -- Existing Account
Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2018-11952 CVE-2018-11951 CVE-2018-11950
CVE-2018-11898 CVE-2018-11866 CVE-2018-11865
CVE-2018-11858 CVE-2018-11857 CVE-2018-11855
CVE-2018-11846 CVE-2018-11842 CVE-2018-11836
CVE-2018-11824 CVE-2018-11816 CVE-2018-11292
CVE-2018-11290 CVE-2018-11288 CVE-2018-11287
CVE-2018-11285 CVE-2018-11270 CVE-2018-11261
CVE-2018-9488 CVE-2018-9487 CVE-2018-9486
CVE-2018-9485 CVE-2018-9484 CVE-2018-9483
CVE-2018-9482 CVE-2018-9481 CVE-2018-9480
CVE-2018-9479 CVE-2018-9478 CVE-2018-9477
CVE-2018-9475 CVE-2018-9474 CVE-2018-9472
CVE-2018-9471 CVE-2018-9470 CVE-2018-9469
CVE-2018-9468 CVE-2018-9467 CVE-2018-9466
CVE-2018-9456 CVE-2018-9440 CVE-2018-9427
CVE-2018-9411 CVE-2018-5914 CVE-2018-5871
CVE-2018-5866 CVE-2018-3588 CVE-2017-18314
CVE-2017-18313 CVE-2017-18312 CVE-2017-18311
CVE-2017-18124 CVE-2017-15825 CVE-2017-5754
CVE-2016-10408 CVE-2016-10394
Member content until: Sunday, October 7 2018
Reference: ASB-2018.0192
ASB-2018.0190
ASB-2018.0145
ESB-2018.0053
ESB-2018.0049
ESB-2018.0044
OVERVIEW
Multiple security vulnerabilities have been identified in the Android
operating system prior to the 2018-09-05 patch level. [1]
IMPACT
Google has provided the following information about these
vulnerabilities:
"Android Runtime
The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code
within the context of an application that uses the library.
CVE References Type Severity Updated AOSP versions
CVE-2018-9466 A-62151041 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9467 A-110955991 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
Framework
The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code
within the context of an unprivileged process.
CVE References Type Severity Updated AOSP versions
CVE-2018-9469 A-109824443 EoP High 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9470 A-78290481 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9471 A-77599679 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
Library
The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code
within the context of an application that uses the library.
CVE References Type Severity Updated AOSP versions
CVE-2018-9472 A-79662501 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
Media Framework
The most severe vulnerability in this section could enable a local
malicious application to bypass user interaction requirements to gain
access to additional permissions.
CVE References Type Severity Updated AOSP versions
CVE-2018-9474 A-77600398 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9440 A-77823362 [2] DoS Moderate 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
System
The most severe vulnerability in this section could enable a local
attacker to bypass user interaction requirements to gain access to
additional permissions.
CVE References Type Severity Updated AOSP versions
CVE-2018-9475 A-79266386 EoP Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9478 A-79217522 EoP Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9479 A-79217770 EoP Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9456 A-78136869 DoS High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9477 A-92497653 EoP High 8.0, 8.1
CVE-2018-9480 A-109757168 ID High 8.0, 8.1, 9.0
CVE-2018-9481 A-109757435 ID High 8.0, 8.1, 9.0
CVE-2018-9482 A-109757986 ID High 8.0, 8.1, 9.0
CVE-2018-9483 A-110216173 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9484 A-79488381 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9485 A-80261585 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9486 A-80493272 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9487 A-69873852 DoS High 8.0, 8.1, 9.0
CVE-2018-9488 A-110107376 EoP Moderate 8.0, 8.1, 9.0
Update: Media Framework
The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code
within the context of a privileged process.
CVE References Type Severity Updated AOSP versions
CVE-2018-9411 A-79376389 RCE Critical 8.0, 8.1, 9.0
CVE-2018-9427 A-77486542 RCE Critical 8.0, 8.1, 9.0
2018-09-05 security patch level vulnerability details
In the sections below, we provide details for each of the security
vulnerabilities that apply to the 2018-09-05 patch level.
Vulnerabilities are grouped under the component they affect and
include details such as the CVE, associated references, type of
vulnerability, severity, component (where applicable), and updated
AOSP versions (where applicable). When available, we link the public
change that addressed the issue to the bug ID, such as the AOSP change
list. When multiple changes relate to a single bug, additional
references are linked to numbers following the bug ID.
Framework
The most severe vulnerability in this section could enable a local
malicious application to bypass operating system protections that
isolate application data from other applications.
CVE References Type Severity Updated AOSP versions
CVE-2018-9468 A-111084083 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Kernel components
The most severe vulnerability in this section could enable a remote
attacker to access data normally accessible only to locally installed
applications with permissions.
CVE References Type Severity Component
CVE-2017-5754 A-69856074* ID High Kernel Memory
Upstream kernel
Qualcomm components
These vulnerabilities affect Qualcomm components and are described in
further detail in the appropriate Qualcomm APSS security bulletin or
security alert. Android partners can check applicability of their
issues to their devices through Createpoint. The severity assessment
of these issues is provided directly by Qualcomm.
CVE References Type Severity Component
CVE-2018-11816 A-63527106 N/A High Video
QC-CR#2119840*
CVE-2018-11261 A-64340487 N/A High Video
QC-CR#2119840*
CVE-2018-11836 A-111128620 N/A High WLAN HOST
QC-CR#2214158
CVE-2018-11842 A-111124974 N/A High WLAN HOST
QC-CR#2216741
CVE-2018-11898 A-111128799 N/A High WLAN HOST
QC-CR#2233036
CVE-2017-15825 A-68992460 N/A Moderate Boot
QC-CR#2096455
CVE-2018-11270 A-109741697 N/A Moderate WiredConnectivity
QC-CR#2205728
Qualcomm closed-source components
These vulnerabilities affect Qualcomm components and are described in
further detail in the appropriate Qualcomm AMSS security bulletin or
security alert. Android partners can check applicability of their
issues to their devices through Createpoint. The severity assessment
of these issues is provided directly by Qualcomm.
CVE References Type Severity Component
CVE-2016-10394 A-68326803* N/A Critical Closed-source component
CVE-2017-18314 A-62213176* N/A Critical Closed-source component
CVE-2017-18311 A-73539234* N/A Critical Closed-source component
CVE-2018-11950 A-72950814* N/A Critical Closed-source component
CVE-2018-5866 A-77484228* N/A Critical Closed-source component
CVE-2018-11824 A-111090697* N/A Critical Closed-source component
CVE-2016-10408 A-68326811* N/A High Closed-source component
CVE-2017-18313 A-78240387* N/A High Closed-source component
CVE-2017-18312 A-78239234* N/A High Closed-source component
CVE-2017-18124 A-68326819* N/A High Closed-source component
CVE-2018-3588 A-71501117* N/A High Closed-source component
CVE-2018-11951 A-72950958* N/A High Closed-source component
CVE-2018-11952 A-74236425* N/A High Closed-source component
CVE-2018-5871 A-77484229* N/A High Closed-source component
CVE-2018-5914 A-79419793* N/A High Closed-source component
CVE-2018-11288 A-109677940* N/A High Closed-source component
CVE-2018-11285 A-109677982* N/A High Closed-source component
CVE-2018-11290 A-109677964* N/A High Closed-source component
CVE-2018-11292 A-109678202* N/A High Closed-source component
CVE-2018-11287 A-109678380* N/A High Closed-source component
CVE-2018-11846 A-111091377* N/A High Closed-source component
CVE-2018-11855 A-111090533* N/A High Closed-source component
CVE-2018-11857 A-111093202* N/A High Closed-source component
CVE-2018-11858 A-111090698* N/A High Closed-source component
CVE-2018-11866 A-111093021* N/A High Closed-source component
CVE-2018-11865 A-111093167* N/A High Closed-source component" [1]
MITIGATION
Android users are advised to update to the latest applicable version
to address these vulnerabilities. [1]
Google advises that they have had no reports of active
customer exploitation or abuse of these newly-reported issues. [1]
REFERENCES
[1] Android Security Bulletin—September 2018
https://source.android.com/security/bulletin/2018-09-01
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBW5IRRWaOgq3Tt24GAQgk3w//arrBWiVhY3The6e2sPXSZnrjlwzuT7Uj
OXgQkzSte/24glIrbSNl+tMymDkAYIRlly5d/DWuNFk7GI2QgGm1nnwI1uG0tKqq
wREaYE4dU4OcMUf38E90DP/mer35BXeiLmCQamognRpSzzfLj1gtDzTbhuOfVAvN
ITZXU/56q9RakcClvTUC20BQLY1/P3y1oK+Ekkj1qLZ3DFDFF8HmucbnXh+LtPAg
I6yoMT6UWKJfkSQJnX3GTuBL+HNSReIyRJTWxYqJfojjsY7c3HDZxIHRBtSKTZNL
M6o4OSJsROAy9b3LmzuD5cUzM9cKUJOB709DPYY8unxU0EKczu5yKFzUuRk80lJI
ragXk8NfEQjOcZlswzuccLgjABACe8v+20DKn6c+dnsmQGrnEw0G+b3q3AufqhAd
4O7OZ4ZmbIHnxTtBL2NQ5woLUTuXvxeZYcOl2QOp7nB2EEjeL0WldCUGAZEvB7bp
dT5WqzS+mzdqfajOXmFXcIAEarDZF5LABOC8iI2HeXImx1bxdGsl/y32dHbrh4Ys
k2mUeZkFl4s08Chp7s/y9Apoz93zbU8KiToH+V29YTQq7ReH1XoQ0jsr2HzN6M9P
4+Zb73KJhFYXbwcv+PXUeS9w1f2j4EVqBox2x7GX3B9xuXBY8Cik9w5dHTQK5rbr
C2leFpWAAgc=
=cIeM
-----END PGP SIGNATURE-----