Operating System:

[Mobile]

Published:

05 January 2016

Protect yourself against future threats.

//Service

Sensitive Information Alert

Alert notification provided via email for sensitive material found online by our analyst team which specifically targets your organisation.

Read more
Resources > Security Bulletins > ESB-2016.0024 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0024
      BlackBerry powered by Android Security Bulletin - January 2016
                              5 January 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           BlackBerry powered by Android
Publisher:         BlackBerry
Operating System:  BlackBerry Device
Impact/Access:     Increased Privileges            -- Remote/Unauthenticated      
                   Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-6645 CVE-2015-6644 CVE-2015-6643
                   CVE-2015-6636 CVE-2015-5310 

Reference:         ESB-2015.2807

Original Bulletin: 
   http://support.blackberry.com/kb/articleDetail?articleNumber=000037749

- --------------------------BEGIN INCLUDED TEXT--------------------

BlackBerry powered by Android Security Bulletin January 2016

Article Number: 000037749 

First Published: January 04, 2016 

Last Modified: January 04, 2016 

Type: Security Bulletin

Purpose of this Bulletin

BlackBerry has released a security update to address multiple vulnerabilities
in BlackBerry powered by Android smartphones. We recommend that users update 
to the latest available build, as outlined in the Available Updates section.

BlackBerry releases security bulletins to notify users of its Android 
smartphones about available security fixes; see BlackBerry.com/bbsirt for a 
complete list of monthly bulletins. This advisory is in response to the Nexus
Security Bulletin (January 2016) and addresses the issues in that bulletin 
that affect BlackBerry powered by Android smartphones.

Vulnerabilities Fixed in this Update

The following vulnerabilities have been remediated in this update:

Summary	 							Description	 								CVE

Remote Code Execution Vulnerability in Mediaserver		During media file and data processing of a specially crafted file, 		CVE-2015-6636
								vulnerabilities in mediaserver could allow an attacker to cause
								memory corruption and remote code execution as the
								mediaserver process.
															
								The affected functionality is provided as a core part of the
								operating system and there are multiple applications that allow
								it to be reached with remote content, most notably MMS and
								browser playback of media.
	

 Elevation of Privilege Vulnerability in Setup Wizard		An elevation of privilege vulnerability in the Setup Wizard can			CVE-2015-6643
								enable an attacker with physical access to the device to gain
								access to device settings and perform a manual device reset.

Elevation of Privilege Vulnerability in Wi-Fi			An elevation of privilege vulnerability in the Wi-Fi component			CVE-2015-5310
								can enable a locally proximate attacker to gain access to Wi-Fi
								service related information. A device is only vulnerable to this
								issue while in local proximity.
	


Information Disclosure Vulnerability in Bouncy Castle		An information disclosure vulnerability in the Bouncy Castle can		CVE-2015-6644
								enable a local malicious application to gain access to user's
								private information.

Denial of Service Vulnerability in SyncManager			A denial of service vulnerability in the SyncManager can enable a		CVE-2015-6645
								local malicious application to cause a reboot loop.

Available Updates

An updated software version is available immediately for BlackBerry Powered by
Android smartphones that have been purchased from ShopBlackBerry.com. The 
updated software version can be identified with the following build ID:

Build AAD250

If your BlackBerry Powered by Android smartphone was purchased from a source 
other than ShopBlackBerry.com, please contact that retailer or carrier 
directly for security maintenance release availability information.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVotUIn6ZAP0PgtI9AQJs2g//WpuIsKh8CO9GF5KKhqCZxBb3RkAvwerw
d5CC1RBewmrmavqRL7rX2ilYeUdTy1HL0tLGbHAMhDuslKn6kd3E94iiGBGpoJGn
g4P/48BwRJTqldPqNFwyFW29bss/dEom/uOWQRgb7UL/mqFGACKuL2urMWZHd/RT
uMqK8LAubmta5oUtRAjXLIZbL7RjvuAIVgfXStPQ4TpUUX3ZpK12HXeEtV6xrZwk
UyoUPvUUeXGoO5Qa9/z8pEo/RrQUT51ps22yzsPuV3kTX9+eyc1g9uCXJsJLNct4
gZ7sqU86uriDjX/M50JK51L/oPh3+A9cB+GOawQDCk6r1Gy4R5oZ7csa8Cr8SzJu
AXyl7pnPBl2rq0GuLdxSPim3vtiNSMnJaRdBVPsMU45I4kmyE2Zw+9ZOCG8bDh12
4xpugl6p/uaoTkpISoz50tXGCvFAa7sqFwQGkSgkxeexcT8ioKmvjmTBvPeAh6JO
C9OgFb+KxOju9JyMhZ4kkrtJVmpvGh7L51qbr6m4I7q/xqrZYgNvlJaYAiFbBvh9
HOWog2CcYpZqiLSdjGar4mkGcg/GpqinO26vNFg4/R/qjbqM1JWAPZpY2okuzgks
YANVXsPc8OVR048BHkDRBNojHoP4kj0QwceKyCpUZd5Q4dE0CNRl68CG/YjbZOgO
3zrYLztaCMk=
=a/cw
-----END PGP SIGNATURE-----