Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.1866
BlackBerry powered by Android Security Bulletin August 2016
2 August 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: BlackBerry powered by Android
Publisher: BlackBerry
Operating System: BlackBerry Device
Android
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Root Compromise -- Remote with User Interaction
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2016-4578 CVE-2016-4569 CVE-2016-4482
CVE-2016-3857 CVE-2016-3855 CVE-2016-3853
CVE-2016-3850 CVE-2016-3849 CVE-2016-3843
CVE-2016-3842 CVE-2016-3841 CVE-2016-3840
CVE-2016-3839 CVE-2016-3838 CVE-2016-3837
CVE-2016-3836 CVE-2016-3835 CVE-2016-3834
CVE-2016-3833 CVE-2016-3832 CVE-2016-3831
CVE-2016-3830 CVE-2016-3829 CVE-2016-3828
CVE-2016-3827 CVE-2016-3826 CVE-2016-3825
CVE-2016-3824 CVE-2016-3823 CVE-2016-3822
CVE-2016-3821 CVE-2016-3820 CVE-2016-3819
CVE-2016-2544 CVE-2016-2504 CVE-2016-2497
CVE-2015-2686 CVE-2014-9904 CVE-2014-9903
Reference: ESB-2016.1665
ESB-2016.0579
ASB-2016.0079
Original Bulletin:
http://support.blackberry.com/kb/articleDetail?articleNumber=000038360
- --------------------------BEGIN INCLUDED TEXT--------------------
BlackBerry powered by Android Security Bulletin August 2016
Article Number: 000038360
First Published: August 01, 2016
Last Modified: August 01, 2016
Type: Security Bulletin
Purpose of this Bulletin
BlackBerry has released a security update to address multiple vulnerabilities
in BlackBerry powered by Android smartphones. We recommend users update to the
latest available build, as outlined in the Available Updates section.
BlackBerry releases security bulletins to notify users of its Android
smartphones about available security fixes; see BlackBerry.com/bbsirt for a
complete list of monthly bulletins. This advisory is in response to the
Android Security Bulletin (August 2016) and addresses issues in that bulletin
that affect BlackBerry powered by Android smartphones.
Vulnerabilities Fixed in this Update
The following vulnerabilities have been remediated in this update:
CVE-2016-3819, CVE-2016-3820, CVE-2016-3821:
Remote Code Execution Vulnerabilities in Mediaserver
Remote code execution vulnerabilities in mediaserver could enable an attacker
using a specially crafted file to cause memory corruption during media file
and data processing. The affected functionality is provided as a core part of
the operating system and there are multiple applications that allow it to be
reached with remote content, most notably MMS and browser playback of
media.Remote code execution vulnerabilities in mediaserver could enable an
attacker using a specially crafted file to cause memory corruption during
media file and data processing. The affected functionality is provided as a
core part of the operating system and there are multiple applications that
allow it to be reached with remote content, most notably MMS and browser
playback of media.
CVE-2016-3822:
Remote Code Execution Vulnerability in libjhead
A remote code execution vulnerability in libjhead could enable an attacker
using a specially crafted file to execute arbitrary code in the context of an
unprivileged process.
CVE-2016-3823, CVE-2016-3824, CVE-2016-3825, CVE-2016-3826:
Elevation of Privilege Vulnerabilities in Mediaserver
Elevation of privilege vulnerabilities in mediaserver could enable a local
malicious application to execute arbitrary code within the context of a
privileged process.
CVE-2016-3827, CVE-2016-3828, CVE-2016-3829, CVE-2016-3830:
Denial of Service Vulnerabilities in Mediaserver
Denial of service vulnerabilities in mediaserver could enable an attacker
using a specially crafted file to cause a device hang or reboot.
CVE-2016-3831:
Denial of Service Vulnerability in System Clock
A denial of service vulnerability in the system clock could enable a remote
attacker to crash the device.
CVE-2016-3832:
Elevation of Privilege Vulnerability in Framework APIs
An elevation of privilege vulnerability in the framework APIs could enable a
local malicious application to bypass operating system protections that
isolate application data from other applications.
CVE-2016-3833:
Elevation of Privilege Vulnerability in Shell
An elevation of privilege in the Shell could enable a local malicious
application to bypass device constraints such as user restrictions.
CVE-2016-3834:
Information Disclosure Vulnerability in Camera APIs
An information disclosure vulnerability in the camera APIs could allow a local
malicious application to access data outside of its permission levels.
CVE-2016-3835:
Information Disclosure Vulnerability in Mediaserver
An information disclosure vulnerability in mediaserver could allow a local
malicious application to access data outside of its permission levels.
CVE-2016-3836:
Information Disclosure Vulnerability in SurfaceFlinger
An information disclosure vulnerability in the SurfaceFlinger service could
enable a local malicious application to access data outside of its permission
levels.
CVE-2016-3837:
Information Disclosure Vulnerability in Wi-Fi
An information disclosure vulnerability in Wi-Fi could allow a local malicious
application to access data outside of its permission levels.
CVE-2016-3838:
Denial of Service Vulnerability in System UI
A denial of service vulnerability in the system UI could enable a local
malicious application to prevent 911 calls from a locked screen.
CVE-2016-3839:
Denial of Service Vulnerability in Bluetooth
A denial of service vulnerability in Bluetooth could enable a local malicious
application to prevent 911 calls from a Bluetooth device.
CVE-2016-3840:
Remote Code Execution Vulnerability in Conscrypt
A remote code execution vulnerability in Conscrypt could enable a remote
attacker to execute arbitrary code within the context of a privileged process.
CVE-2015-2686, CVE-2016-3841:
Elevation of Privilege Vulnerabilities in Kernel Networking Component
Elevation of privilege vulnerabilities in the kernel networking component
could enable a local malicious application to execute arbitrary code within
the context of the kernel.
CVE-2016-2504, CVE-2016-3842:
Elevation of Privilege Vulnerabilities in Qualcomm GPU driver
Elevation of privilege vulnerabilities in the Qualcomm GPU driver could enable
a local malicious application to execute arbitrary code within the context of
the kernel.
CVE-2016-3843:
Elevation of Privilege Vulnerabilities in Qualcomm Performance Component
Elevation of privilege vulnerabilities in the Qualcomm performance component
could enable a local malicious application to execute arbitrary code within
the context of the kernel.
CVE-2016-3857:
Elevation of Privilege Vulnerability in Kernel
An elevation of privilege vulnerability in the kernel could enable a local
malicious application to execute arbitrary code within the context of the
kernel.
CVE-2016-2544, CVE-2014-9904:
Elevation of Privilege Vulnerabilities in Kernel Sound Component
Elevation of privilege vulnerabilities in the kernel sound component could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-3849:
Elevation of Privilege Vulnerability in ION Driver
An elevation of privilege vulnerability in the ION driver could enable a local
malicious application to execute arbitrary code within the context of the
kernel.
CVE-2016-3850:
Elevation of Privilege Vulnerability in Qualcomm Bootloader
An elevation of privilege vulnerability in the Qualcomm bootloader could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-3843:
Elevation of Privilege Vulnerability in Kernel Performance Subsystem
An elevation of privilege vulnerability in the kernel performance subsystem
could enable a local malicious application to execute arbitrary code within
the context of the kernel.
CVE-2014-9903:
Information Disclosure Vulnerability in Kernel Scheduler
An information disclosure vulnerability in the kernel scheduler could enable a
local malicious application to access data outside of its permission levels.
CVE-2016-4482:
Information Disclosure Vulnerability in USB driver
An information disclosure vulnerability in the USB driver could enable a local
malicious application to access data outside of its permission levels.
CVE-2016-3853:
Elevation of Privilege Vulnerability in Google Play Services
An elevation of privilege vulnerability in Google Play services could allow a
local attacker to bypass the Factory Reset Protection and gain access to the
device.
CVE-2016-2497:
Elevation of Privilege Vulnerability in Framework APIs
An elevation of privilege vulnerability in the framework APIs could enable a
pre-installed application to increase its intent filter priority when the
application is being updated without the user being notified.
CVE-2016-4578:
Information Disclosure Vulnerability in Kernel Networking Component
An information disclosure vulnerability in the kernel networking component
could enable a local malicious application to access data outside of its
permission levels.
CVE-2016-4569, CVE-2016-4578:
Information Disclosure Vulnerabilities in Kernel Sound Component
Information disclosure vulnerabilities in the kernel sound component could
enable a local malicious application to access data outside of its permission
levels.
CVE-2016-3855:
Vulnerability in Qualcomm Components
A vulnerability in the thermal driver can result in a local malicious
application being able to corrupt memory, possibly resulting in a temporary
denial of service.
Available Updates
An updated software version is available immediately for BlackBerry powered by
Android smartphones that have been purchased from ShopBlackBerry.com. Updated
software builds may also be available from other retailers or carriers,
dependent on their deployment schedules.
To identify an up to date software build, navigate to the Settings>About Phone
menu. Look for the following Android security patch level:
August 5, 2016
If your BlackBerry powered by Android smartphone does not have an up-to-date
software build available, please contact your retailer or carrier directly for
security maintenance release availability information.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBV5/+pYx+lLeg9Ub1AQia4A/+LHhd9XmJnG37UAEaGVCtnfo+UzUfwzEG
YP64MXHflw0HQ1QAEC2HrnkGB6wvWe8RjpGttaaWU/P1I/5S+/a8jnP/3YQnvajJ
O1hh4cYVnS1/2jxiwhGDO42Fm4zJHRIhMO2L4WuZ3nPCduLTO+3rC0px5d36WFMp
j9N1mOmK4GC0qxZyvma+sdjzi3oQtAhOnwTrW/4iFpoTjjiQvOREhF9HlkRcXgwm
apFy+LnA+7FA6/Leb/Ktt3M8FPJ/ZKjgNaBAJcKG8m23heJCnK5AeiwOb6pzudlu
03FJthMJQUxuV2E+27WIDVo5Z8QsiI0uw9G5RWuWw0HBVkKvQkmAMLlCk1M+Cg9n
wWWlgXEutKeZoXXVqsrBYFTukqEaOeIXlALXtK6FOcVbRo/zdDASZsS1+Ox9gSJh
UQtYv9PQ4ZWOLYaF/yOYiRhIKCYXjnN9eGeyN2AU9BNXsRsd9JDiK0FeW1SrvmVX
KjMj5naCf+poyzTpm6VSy6oQC/tYNP2espPI2Zx6SYz63Ng2j1ke9z/U7nbYpywC
yOoSKNJ2OR3iWRcOCNTth+8TXY9qIwSTmc74bCmEkV0Y/zSiszRnH1sd6wKVsc6P
3RJGKRYiE36Vsd/2uobRD67L21Eyb5B0tt2DWIlgXZwaHL5JXEh9gF1RE0ehQpEC
YWVVkTng3ZA=
=8xTf
-----END PGP SIGNATURE-----