-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.1426
         BlackBerry powered by Android Security Bulletin June 2016
                                7 June 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           BlackBerry powered by Android
Publisher:         BlackBerry
Operating System:  Android
                   BlackBerry Device
Impact/Access:     Root Compromise                 -- Remote with User Interaction
                   Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-2500 CVE-2016-2499 CVE-2016-2496
                   CVE-2016-2495 CVE-2016-2494 CVE-2016-2493
                   CVE-2016-2489 CVE-2016-2488 CVE-2016-2487
                   CVE-2016-2486 CVE-2016-2485 CVE-2016-2484
                   CVE-2016-2483 CVE-2016-2482 CVE-2016-2481
                   CVE-2016-2480 CVE-2016-2479 CVE-2016-2478
                   CVE-2016-2477 CVE-2016-2476 CVE-2016-2475
                   CVE-2016-2469 CVE-2016-2468 CVE-2016-2465
                   CVE-2016-2464 CVE-2016-2463 CVE-2016-2066
                   CVE-2016-2062 CVE-2016-2061 

Original Bulletin: 
   http://support.blackberry.com/kb/articleDetail?articleNumber=000038209

- --------------------------BEGIN INCLUDED TEXT--------------------

BlackBerry powered by Android Security Bulletin June 2016

Article Number: 000038209

First Published: June 06, 2016

Last Modified: June 06, 2016

Type: Security Bulletin

Purpose of this Bulletin

BlackBerry has released a security update to address multiple vulnerabilities
in BlackBerry powered by Android smartphones. We recommend users update to the
latest available build, as outlined in the Available Updates section.

BlackBerry releases security bulletins to notify users of its Android 
smartphones about available security fixes; see BlackBerry.com/bbsirt for a 
complete list of monthly bulletins. This advisory is in response to the 
Android Security Bulletin (June 2016) and addresses issues in that bulletin 
that affect BlackBerry powered by Android smartphones.

Vulnerabilities Fixed in this Update

The following vulnerabilities have been remediated in this update:

CVE-2016-2463:

Remote Code Execution Vulnerability in Mediaserver

A remote code execution vulnerability in mediaserver could enable an attacker
using a specially crafted file to cause memory corruption during media file 
and data processing.

The affected functionality is provided as a core part of the operating system
and there are multiple applications that allow it to be reached with remote 
content, most notably MMS and browser playback of media.

CVE-2016-2464:

Remote Code Execution Vulnerabilities in libwebm

Remote code execution vulnerabilities with libwebm could enable an attacker 
using a specially crafted file to cause memory corruption during media file 
and data processing.

The affected functionality is provided as a core part of the operating system
and there are multiple applications that allow it to be reached with remote 
content, most notably MMS and browser playback of media.

CVE-2016-2465:

Elevation of Privilege Vulnerability in Qualcomm Video Driver

An elevation of privilege vulnerability in the Qualcomm video driver could 
enable a local malicious application to execute arbitrary code within the 
context of the kernel.

CVE-2016-2468, CVE-2016-2062:

Elevation of Privilege Vulnerabilities in Qualcomm GPU Driver

Elevation of privilege vulnerabilities in the Qualcomm GPU driver could enable
a local malicious application to execute arbitrary code within the context of
the kernel.

CVE-2016-2475:

Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could 
enable a local malicious application to invoke system calls changing the 
device settings and behavior without the privileges to do so.

CVE-2016-2066, CVE-2016-2469:

Elevation of Privilege Vulnerabilities in Qualcomm Sound Driver

Elevation of privilege vulnerabilities in the Qualcomm sound driver could 
enable a malicious application to execute arbitrary code within the context of
the kernel.

CVE-2016-2476, CVE-2016-2477, CVE-2016-2478, CVE-2016-2479, CVE-2016-2480,
CVE-2016-2481, CVE-2016-2482, CVE-2016-2483, CVE-2016-2484, CVE-2016-2485,
CVE-2016-2486, CVE-2016-2487:

Elevation of Privilege Vulnerabilities in Mediaserver

Elevation of privilege vulnerabilities in mediaserver could enable a local 
malicious application to execute arbitrary code within the context of an 
elevated system application.

CVE-2016-2061, CVE-2016-2488:

Elevation of Privilege Vulnerabilities in Qualcomm Camera Driver

Elevation of privilege vulnerabilities in the Qualcomm camera driver could 
enable a local malicious application to execute arbitrary code within the 
context of the kernel.

CVE-2016-2489:

Elevation of Privilege Vulnerability in Qualcomm Video Driver

An elevation of privilege vulnerability in the Qualcomm video driver could 
enable a local malicious application to execute arbitrary code within the 
context of the kernel.

CVE-2016-2494:

Elevation of Privilege Vulnerability in SD Card Emulation Layer

An elevation of privilege vulnerability in the SD Card userspace emulation 
layer could enable a local malicious application to execute arbitrary code 
within the context of an elevated system application.

CVE-2016-2493:

Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could 
enable a local malicious application to execute arbitrary code within the 
context of the kernel.

CVE-2016-2495:

Remote Denial of Service Vulnerability in Mediaserver

A remote denial of service vulnerability in mediaserver could enable an 
attacker to use a specially crafted file to cause a device hang or reboot.

CVE-2016-2496:

Elevation of Privilege Vulnerability in Framework UI

An elevation of privilege vulnerability in the Framework UI permission dialog
window could enable an attacker to gain access to unauthorized files in 
private storage.

CVE-2016-2499:

Information Disclosure Vulnerability in Mediaserver

An information disclosure vulnerability in mediaserver could allow an 
application to access sensitive information.

CVE-2016-2500:

Information Disclosure Vulnerability in Activity Manager

An information disclosure vulnerability in the Activity Manager component 
could allow an application to access sensitive information.

Available Updates

An updated software version is available immediately for BlackBerry powered by
Android smartphones that have been purchased from ShopBlackBerry.com. Updated
builds may also be available from other retailers or carriers, dependent on 
their deployment schedules.

To identify an up-to-date build, navigate to the Settings > About Phone menu.
Look for the following Android security patch level:

June 1, 2016.

If your BlackBerry powered by Android smartphone does not have an up-to-date 
build available, please contact your retailer or carrier directly for security
maintenance release availability information.

- --------------------------END INCLUDED TEXT--------------------
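
The patch-level check described under Available Updates can be applied across a device inventory. The following is an added example, not part of the BlackBerry or AusCERT text: it assumes patch levels were collected either as shown in Settings ("June 1, 2016") or in the ISO form of the Android system property ro.build.version.security_patch, and the device IDs and values are constructed.

```python
from datetime import date, datetime

# Baseline from the bulletin: Android security patch level "June 1, 2016".
BASELINE = date(2016, 6, 1)

# The Settings screen shows a long-form date; the system property
# ro.build.version.security_patch (e.g. read with `adb shell getprop`)
# uses ISO form. Accept both.
_FORMATS = ("%Y-%m-%d", "%B %d, %Y")


def parse_patch_level(raw):
    """Return a date for a patch-level string, or None if unparseable."""
    text = (raw or "").strip().rstrip(".")
    for fmt in _FORMATS:
        try:
            return datetime.strptime(text, fmt).date()
        except ValueError:
            continue
    return None


def audit(inventory, baseline=BASELINE):
    """Map each device id to 'patched', 'outdated' or 'unknown'."""
    result = {}
    for device_id, raw in inventory:
        level = parse_patch_level(raw)
        if level is None:
            result[device_id] = "unknown"  # no usable value: follow up manually
        elif level >= baseline:
            result[device_id] = "patched"
        else:
            result[device_id] = "outdated"
    return result


# Constructed sample inventory (device ids and values are made up).
SAMPLE = [
    ("dev-001", "2016-06-01"),
    ("dev-002", "May 1, 2016"),
    ("dev-003", "June 1, 2016."),
    ("dev-004", ""),
    ("dev-005", "2016-07-01"),
]

if __name__ == "__main__":
    for dev, status in audit(SAMPLE).items():
        print(dev, status)
```

Devices reported as "unknown" returned no parseable patch level and should be checked by hand rather than assumed patched.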

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----