===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2018.0209
  Multiple security vulnerabilities have been identified in the Android OS
                             7 September 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Android devices
Operating System:     Android
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Increased Privileges            -- Remote with User Interaction
                      Denial of Service               -- Existing Account
                      Access Confidential Data        -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-11952 CVE-2018-11951 CVE-2018-11950
                      CVE-2018-11898 CVE-2018-11866 CVE-2018-11865
                      CVE-2018-11858 CVE-2018-11857 CVE-2018-11855
                      CVE-2018-11846 CVE-2018-11842 CVE-2018-11836
                      CVE-2018-11824 CVE-2018-11816 CVE-2018-11292
                      CVE-2018-11290 CVE-2018-11288 CVE-2018-11287
                      CVE-2018-11285 CVE-2018-11270 CVE-2018-11261
                      CVE-2018-9488 CVE-2018-9487 CVE-2018-9486
                      CVE-2018-9485 CVE-2018-9484 CVE-2018-9483
                      CVE-2018-9482 CVE-2018-9481 CVE-2018-9480
                      CVE-2018-9479 CVE-2018-9478 CVE-2018-9477
                      CVE-2018-9475 CVE-2018-9474 CVE-2018-9472
                      CVE-2018-9471 CVE-2018-9470 CVE-2018-9469
                      CVE-2018-9468 CVE-2018-9467 CVE-2018-9466
                      CVE-2018-9456 CVE-2018-9440 CVE-2018-9427
                      CVE-2018-9411 CVE-2018-5914 CVE-2018-5871
                      CVE-2018-5866 CVE-2018-3588 CVE-2017-18314
                      CVE-2017-18313 CVE-2017-18312 CVE-2017-18311
                      CVE-2017-18124 CVE-2017-15825 CVE-2017-5754
                      CVE-2016-10408 CVE-2016-10394
Member content until: Sunday, October 7 2018
Reference:            ASB-2018.0192
                      ASB-2018.0190
                      ASB-2018.0145
                      ESB-2018.0053
                      ESB-2018.0049
                      ESB-2018.0044

OVERVIEW

Multiple security vulnerabilities have been identified in the Android
operating system prior to the 2018-09-05 patch level.
[1]

IMPACT

Google has provided the following information about these vulnerabilities:

"Android Runtime

The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code within
the context of an application that uses the library.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9466  A-62151041      RCE   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9467  A-110955991     EoP   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0

Framework

The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code within
the context of an unprivileged process.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9469  A-109824443     EoP   High      7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9470  A-78290481      EoP   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9471  A-77599679      EoP   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0

Library

The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code within
the context of an application that uses the library.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9472  A-79662501      RCE   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1

Media Framework

The most severe vulnerability in this section could enable a local
malicious application to bypass user interaction requirements to gain
access to additional permissions.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9474  A-77600398      EoP   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9440  A-77823362 [2]  DoS   Moderate  7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0

System

The most severe vulnerability in this section could enable a local
attacker to bypass user interaction requirements to gain access to
additional permissions.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9475  A-79266386      EoP   Critical  7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9478  A-79217522      EoP   Critical  7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9479  A-79217770      EoP   Critical  7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9456  A-78136869      DoS   High      7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9477  A-92497653      EoP   High      8.0, 8.1
CVE-2018-9480  A-109757168     ID    High      8.0, 8.1, 9.0
CVE-2018-9481  A-109757435     ID    High      8.0, 8.1, 9.0
CVE-2018-9482  A-109757986     ID    High      8.0, 8.1, 9.0
CVE-2018-9483  A-110216173     ID    High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9484  A-79488381      ID    High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9485  A-80261585      ID    High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9486  A-80493272      ID    High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
CVE-2018-9487  A-69873852      DoS   High      8.0, 8.1, 9.0
CVE-2018-9488  A-110107376     EoP   Moderate  8.0, 8.1, 9.0

Update: Media Framework

The most severe vulnerability in this section could enable a remote
attacker using a specially crafted file to execute arbitrary code within
the context of a privileged process.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9411  A-79376389      RCE   Critical  8.0, 8.1, 9.0
CVE-2018-9427  A-77486542      RCE   Critical  8.0, 8.1, 9.0

2018-09-05 security patch level vulnerability details

In the sections below, we provide details for each of the security
vulnerabilities that apply to the 2018-09-05 patch level. Vulnerabilities
are grouped under the component they affect and include details such as
the CVE, associated references, type of vulnerability, severity, component
(where applicable), and updated AOSP versions (where applicable). When
available, we link the public change that addressed the issue to the bug
ID, such as the AOSP change list. When multiple changes relate to a single
bug, additional references are linked to numbers following the bug ID.

Framework

The most severe vulnerability in this section could enable a local
malicious application to bypass operating system protections that isolate
application data from other applications.

CVE            References      Type  Severity  Updated AOSP versions
CVE-2018-9468  A-111084083     ID    High      7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9

Kernel components

The most severe vulnerability in this section could enable a remote
attacker to access data normally accessible only to locally installed
applications with permissions.

CVE            References       Type  Severity  Component
CVE-2017-5754  A-69856074*      ID    High      Kernel Memory
               Upstream kernel

Qualcomm components

These vulnerabilities affect Qualcomm components and are described in
further detail in the appropriate Qualcomm APSS security bulletin or
security alert. Android partners can check applicability of their issues
to their devices through Createpoint. The severity assessment of these
issues is provided directly by Qualcomm.

CVE             References       Type  Severity  Component
CVE-2018-11816  A-63527106       N/A   High      Video
                QC-CR#2119840*
CVE-2018-11261  A-64340487       N/A   High      Video
                QC-CR#2119840*
CVE-2018-11836  A-111128620      N/A   High      WLAN HOST
                QC-CR#2214158
CVE-2018-11842  A-111124974      N/A   High      WLAN HOST
                QC-CR#2216741
CVE-2018-11898  A-111128799      N/A   High      WLAN HOST
                QC-CR#2233036
CVE-2017-15825  A-68992460       N/A   Moderate  Boot
                QC-CR#2096455
CVE-2018-11270  A-109741697      N/A   Moderate  WiredConnectivity
                QC-CR#2205728

Qualcomm closed-source components

These vulnerabilities affect Qualcomm components and are described in
further detail in the appropriate Qualcomm AMSS security bulletin or
security alert. Android partners can check applicability of their issues
to their devices through Createpoint. The severity assessment of these
issues is provided directly by Qualcomm.

CVE             References    Type  Severity  Component
CVE-2016-10394  A-68326803*   N/A   Critical  Closed-source component
CVE-2017-18314  A-62213176*   N/A   Critical  Closed-source component
CVE-2017-18311  A-73539234*   N/A   Critical  Closed-source component
CVE-2018-11950  A-72950814*   N/A   Critical  Closed-source component
CVE-2018-5866   A-77484228*   N/A   Critical  Closed-source component
CVE-2018-11824  A-111090697*  N/A   Critical  Closed-source component
CVE-2016-10408  A-68326811*   N/A   High      Closed-source component
CVE-2017-18313  A-78240387*   N/A   High      Closed-source component
CVE-2017-18312  A-78239234*   N/A   High      Closed-source component
CVE-2017-18124  A-68326819*   N/A   High      Closed-source component
CVE-2018-3588   A-71501117*   N/A   High      Closed-source component
CVE-2018-11951  A-72950958*   N/A   High      Closed-source component
CVE-2018-11952  A-74236425*   N/A   High      Closed-source component
CVE-2018-5871   A-77484229*   N/A   High      Closed-source component
CVE-2018-5914   A-79419793*   N/A   High      Closed-source component
CVE-2018-11288  A-109677940*  N/A   High      Closed-source component
CVE-2018-11285  A-109677982*  N/A   High      Closed-source component
CVE-2018-11290  A-109677964*  N/A   High      Closed-source component
CVE-2018-11292  A-109678202*  N/A   High      Closed-source component
CVE-2018-11287  A-109678380*  N/A   High      Closed-source component
CVE-2018-11846  A-111091377*  N/A   High      Closed-source component
CVE-2018-11855  A-111090533*  N/A   High      Closed-source component
CVE-2018-11857  A-111093202*  N/A   High      Closed-source component
CVE-2018-11858  A-111090698*  N/A   High      Closed-source component
CVE-2018-11866  A-111093021*  N/A   High      Closed-source component
CVE-2018-11865  A-111093167*  N/A   High      Closed-source component" [1]

MITIGATION

Android users are advised to update to the latest applicable version to
address these vulnerabilities. [1]

Google advises that they have had no reports of active customer
exploitation or abuse of these newly-reported issues.
[1]

REFERENCES

[1] Android Security Bulletin—September 2018
    https://source.android.com/security/bulletin/2018-09-01

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================