Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2017.0039 BlackBerry powered by Android Security Bulletin - January 2017 4 January 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: BlackBerry powered by Android Publisher: BlackBerry Operating System: Android Impact/Access: Root Compromise -- Existing Account Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2017-0404 CVE-2017-0403 CVE-2017-0402 CVE-2017-0401 CVE-2017-0400 CVE-2017-0399 CVE-2017-0398 CVE-2017-0397 CVE-2017-0396 CVE-2017-0395 CVE-2017-0394 CVE-2017-0393 CVE-2017-0392 CVE-2017-0391 CVE-2017-0390 CVE-2017-0389 CVE-2017-0387 CVE-2017-0386 CVE-2017-0385 CVE-2017-0384 CVE-2017-0382 CVE-2017-0381 CVE-2016-9754 CVE-2016-8466 CVE-2016-8465 CVE-2016-8464 CVE-2016-8459 CVE-2016-8458 CVE-2016-8457 CVE-2016-8456 CVE-2016-8454 CVE-2016-8452 CVE-2016-8450 CVE-2016-8444 CVE-2016-8443 CVE-2016-8442 CVE-2016-8441 CVE-2016-8440 CVE-2016-8439 CVE-2016-8438 CVE-2016-8437 CVE-2016-8434 CVE-2016-8423 CVE-2016-8422 CVE-2016-8415 CVE-2016-8412 CVE-2016-8398 CVE-2016-7042 CVE-2016-5345 CVE-2016-5080 CVE-2015-3288 Reference: ASB-2017.0002 ESB-2017.0029 ESB-2016.3057 ESB-2016.1799 ESB-2016.1784 Original Bulletin: http://support.blackberry.com/kb/articleDetail?articleNumber=000038932 - --------------------------BEGIN INCLUDED TEXT-------------------- BlackBerry powered by Android Security Bulletin - January 2017 Article Number: 000038932 First Published: January 03, 2017 Last Modified: January 04, 2017 Type: Security Bulletin Purpose of this Bulletin BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones. We recommend users update to the latest available software build. BlackBerry releases security bulletins to notify users of its Android smartphones about available security fixes; see BlackBerry.com/bbsirt for a complete list of monthly bulletins. This advisory is in response to the Android Security Bulletin (January 2017) and addresses issues in that bulletin that affect BlackBerry powered by Android smartphones. Vulnerabilities Fixed in this Update The following vulnerabilities have been remediated in this update: Remote Code Execution Vulnerability in Mediaserver A remote code execution vulnerability in mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. CVE-2017-0381 Remote Code Execution Vulnerability in Framesequence A remote code execution vulnerability in the framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. CVE-2017-0382 Elevation of Privilege Vulnerabilities in Audioserver Elevation of privilege vulnerabilities in audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0384 CVE-2017-0385 Elevation of Privilege Vulnerability in libnl An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0386 Elevation of Privilege Vulnerability in Mediaserver An elevation of privilege vulnerability in mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0387 Denial of Service Vulnerability in Core Networking A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. CVE-2017-0389 Denial of Service Vulnerabilities in Mediaserver Denial of service vulnerabilities in mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. CVE-2017-0390 CVE-2017-0391 CVE-2017-0392 CVE-2017-0393 Denial of Service Vulnerability in Telephony A denial of service vulnerability in telephony could enable a remote attacker to cause a device hang or reboot. CVE-2017-0394 Elevation of Privilege Vulnerability in Contacts An elevation of privilege vulnerability in contacts could enable a local malicious application to silently create contact information. CVE-2017-0395 Information Disclosure Vulnerabilities in Mediaserver Information disclosure vulnerabilities in mediaserver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0396 CVE-2017-0397 Information Disclosure Vulnerabilities in Audioserver Information disclosure vulnerabilities in audioserver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0398 CVE-2017-0399 CVE-2017-0400 CVE-2017-0401 CVE-2017-0402 Elevation of Privilege Vulnerability in Kernel Memory Subsystem An elevation of privilege vulnerability in the kernel memory subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2015-3288 Elevation of Privilege Vulnerabilities in Qualcomm Bootloader Elevation of privilege vulnerabilities in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8422 CVE-2016-8423 Elevation of Privilege Vulnerability in Qualcomm GPU Driver An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8434 Vulnerabilities in Qualcomm Components These security vulnerabilities affect Qualcomm components, and are described in further detail in the appropriate Qualcomm AMSS security bulletin or security alert. CVE-2016-8398 CVE-2016-8437 CVE-2016-8438 CVE-2016-8439 CVE-2016-8440 CVE-2016-8441 CVE-2016-8442 CVE-2016-8443 CVE-2016-8459 CVE-2016-5080 Elevation of Privilege Vulnerabilities in Qualcomm Camera Elevation of privilege vulnerabilities in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8412 CVE-2016-8444 Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver An elevation of privilege vulnerability in the Qualcomm wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8415 Elevation of Privilege Vulnerability in Qualcomm Sound Driver An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8450 Elevation of Privilege Vulnerability in Kernel Security Subsystem An elevation of privilege vulnerability in kernel security subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-7042 Elevation of Privilege Vulnerability in Kernel Performance Subsystem An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0403 Elevation of Privilege Vulnerability in Kernel Sound Subsystem An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0404 Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver An elevation of privilege vulnerability in the Qualcomm wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8452 Elevation of Privilege Vulnerability in Qualcomm Radio Driver An elevation of privilege vulnerability in the Qualcomm radio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-5345 Elevation of Privilege Vulnerability in Kernel Profiling Subsystem An elevation of privilege vulnerability in the kernel profiling subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-9754 Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8454 CVE-2016-8456 CVE-2016-8457 Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8458 Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8464 CVE-2016-8465 CVE-2016-8466 Information Disclosure Vulnerabilities in Qualcomm Audio Post Processor Information disclosure vulnerabilities in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. CVE-2017-0399 CVE-2017-0400 CVE-2017-0401 CVE-2017-0402 Available Updates An updated software version is available immediately for BlackBerry powered by Android smartphones that have been purchased from ShopBlackBerry.com. Updated software builds may also be available from other retailers or carriers, dependent on their deployment schedules. To identify an up to date software build, navigate to the Settings>About Phone menu. Look for the following Android security patch level: January 5, 2017 If your BlackBerry powered by Android smartphone does not have an up-to-date software build available, please contact your retailer or carrier directly for security maintenance release availability information. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWGyMQYx+lLeg9Ub1AQj/Ew/+M175ATRUlQwH3w4bkecL9goAJ+gFqFWf EqlVWxpOP1QDM8trQG1sgGvZFjK0cayDjqXRqFowADoL+aTM7DOCnNhhwx82QbVX /ss0sCDpP0vXP6wyHlyvqEDXaqpm+xMBwIUpeZLCeb/nFUu0eqe/zDh1Xpb1kvJe Eiyr3m49GjKLCCtVdWqGZ0kLTKVvsKyY0ukk0TOiO1xddikMkPqQW/ifPulb2seP c9EdcgYEBHzZdzlHzJw05YppJs+8Esvcjj0rAv9jjloqtIsF1rx1XFiSQfX0iHph ek+2nx2LoPSgOAnRMs+kRU35QkIqdeDSMB2mWYJFXQt5/eirvo3dWRPSUkf8sS3U EOBfKOUbxAZd/PtudC3ZV0hJ8qqC7+pQOqXdLR+U7c2oYDIYAvZuqsTXGjUJcma4 nocuchDJtDC1HEAblJdwvUeXaOJj2mIpVbTxZYMzBldgA1wXc9OKEQQ9tNUyIMha g9t+J/dRdQWgLqgLt0P0snih8GHhGdm+tl/yy1jA99X6SPA6/Xqo0/UZ+z5hE92l xMlh8kGzjGrB7Ksg48MgMk3xpI/9DQz8GGnN4ppit3Mlc4R475COzcW40jOBbi2d gUc8egRBN9EAaS9qpuzH7s8vNQ1ZWvTgmgYWKPBfEFKe3g7zZSd3hcnTnXJy7TcX 6bDdbIp3Kh8= =0jlO -----END PGP SIGNATURE-----