Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.0039
BlackBerry powered by Android Security Bulletin - January 2017
4 January 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: BlackBerry powered by Android
Publisher: BlackBerry
Operating System: Android
Impact/Access: Root Compromise -- Existing Account
Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2017-0404 CVE-2017-0403 CVE-2017-0402
CVE-2017-0401 CVE-2017-0400 CVE-2017-0399
CVE-2017-0398 CVE-2017-0397 CVE-2017-0396
CVE-2017-0395 CVE-2017-0394 CVE-2017-0393
CVE-2017-0392 CVE-2017-0391 CVE-2017-0390
CVE-2017-0389 CVE-2017-0387 CVE-2017-0386
CVE-2017-0385 CVE-2017-0384 CVE-2017-0382
CVE-2017-0381 CVE-2016-9754 CVE-2016-8466
CVE-2016-8465 CVE-2016-8464 CVE-2016-8459
CVE-2016-8458 CVE-2016-8457 CVE-2016-8456
CVE-2016-8454 CVE-2016-8452 CVE-2016-8450
CVE-2016-8444 CVE-2016-8443 CVE-2016-8442
CVE-2016-8441 CVE-2016-8440 CVE-2016-8439
CVE-2016-8438 CVE-2016-8437 CVE-2016-8434
CVE-2016-8423 CVE-2016-8422 CVE-2016-8415
CVE-2016-8412 CVE-2016-8398 CVE-2016-7042
CVE-2016-5345 CVE-2016-5080 CVE-2015-3288
Reference: ASB-2017.0002
ESB-2017.0029
ESB-2016.3057
ESB-2016.1799
ESB-2016.1784
Original Bulletin:
http://support.blackberry.com/kb/articleDetail?articleNumber=000038932
- --------------------------BEGIN INCLUDED TEXT--------------------
BlackBerry powered by Android Security Bulletin - January 2017
Article Number: 000038932
First Published: January 03, 2017
Last Modified: January 04, 2017
Type: Security Bulletin
Purpose of this Bulletin
BlackBerry has released a security update to address multiple vulnerabilities
in BlackBerry powered by Android smartphones. We recommend users update
to the latest available software build.
BlackBerry releases security bulletins to notify users of its Android
smartphones about available security fixes; see BlackBerry.com/bbsirt
for a complete list of monthly bulletins. This advisory is in response to
the Android Security Bulletin (January 2017) and addresses issues in that
bulletin that affect BlackBerry powered by Android smartphones.
Vulnerabilities Fixed in this Update
The following vulnerabilities have been remediated in this update:
Remote Code Execution Vulnerability in Mediaserver
A remote code execution vulnerability in mediaserver could enable an attacker
using a specially crafted file to cause memory corruption during media file and
data processing.
CVE-2017-0381
Remote Code Execution Vulnerability in Framesequence
A remote code execution vulnerability in the framesequence library could
enable an attacker using a specially crafted file to execute arbitrary
code in the context of an unprivileged process.
CVE-2017-0382
Elevation of Privilege Vulnerabilities in Audioserver
Elevation of privilege vulnerabilities in audioserver could enable a local
malicious application to execute arbitrary code within the context of a
privileged process.
CVE-2017-0384
CVE-2017-0385
Elevation of Privilege Vulnerability in libnl
An elevation of privilege vulnerability in the libnl library could enable
a local malicious application to execute arbitrary code within the context
of a privileged process.
CVE-2017-0386
Elevation of Privilege Vulnerability in Mediaserver
An elevation of privilege vulnerability in mediaserver could enable a
local malicious application to execute arbitrary code within the context
of a privileged process.
CVE-2017-0387
Denial of Service Vulnerability in Core Networking
A denial of service vulnerability in core networking could enable a remote
attacker to use specially crafted network packet to cause a device hang
or reboot.
CVE-2017-0389
Denial of Service Vulnerabilities in Mediaserver
Denial of service vulnerabilities in mediaserver could enable a remote
attacker to use a specially crafted file to cause a device hang or reboot.
CVE-2017-0390
CVE-2017-0391
CVE-2017-0392
CVE-2017-0393
Denial of Service Vulnerability in Telephony
A denial of service vulnerability in telephony could enable a remote
attacker to cause a device hang or reboot.
CVE-2017-0394
Elevation of Privilege Vulnerability in Contacts
An elevation of privilege vulnerability in contacts could enable a local
malicious application to silently create contact information.
CVE-2017-0395
Information Disclosure Vulnerabilities in Mediaserver
Information disclosure vulnerabilities in mediaserver could enable a local
malicious application to access data outside of its permission levels.
CVE-2017-0396
CVE-2017-0397
Information Disclosure Vulnerabilities in Audioserver
Information disclosure vulnerabilities in audioserver could enable a local
malicious application to access data outside of its permission levels.
CVE-2017-0398
CVE-2017-0399
CVE-2017-0400
CVE-2017-0401
CVE-2017-0402
Elevation of Privilege Vulnerability in Kernel Memory Subsystem
An elevation of privilege vulnerability in the kernel memory subsystem could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2015-3288
Elevation of Privilege Vulnerabilities in Qualcomm Bootloader
Elevation of privilege vulnerabilities in the Qualcomm bootloader could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8422
CVE-2016-8423
Elevation of Privilege Vulnerability in Qualcomm GPU Driver
An elevation of privilege vulnerability in the Qualcomm GPU driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8434
Vulnerabilities in Qualcomm Components
These security vulnerabilities affect Qualcomm components, and are described
in further detail in the appropriate Qualcomm AMSS security bulletin or
security alert.
CVE-2016-8398
CVE-2016-8437
CVE-2016-8438
CVE-2016-8439
CVE-2016-8440
CVE-2016-8441
CVE-2016-8442
CVE-2016-8443
CVE-2016-8459
CVE-2016-5080
Elevation of Privilege Vulnerabilities in Qualcomm Camera
Elevation of privilege vulnerabilities in the Qualcomm camera could enable
a local malicious application to execute arbitrary code within the context
of the kernel.
CVE-2016-8412
CVE-2016-8444
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
An elevation of privilege vulnerability in the Qualcomm wi-fi driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8415
Elevation of Privilege Vulnerability in Qualcomm Sound Driver
An elevation of privilege vulnerability in the Qualcomm sound driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8450
Elevation of Privilege Vulnerability in Kernel Security Subsystem
An elevation of privilege vulnerability in kernel security subsystem could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-7042
Elevation of Privilege Vulnerability in Kernel Performance Subsystem
An elevation of privilege vulnerability in the kernel performance subsystem
could enable a local malicious application to execute arbitrary code within
the context of the kernel.
CVE-2017-0403
Elevation of Privilege Vulnerability in Kernel Sound Subsystem
An elevation of privilege vulnerability in the kernel sound subsystem could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2017-0404
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
An elevation of privilege vulnerability in the Qualcomm wi-fi driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8452
Elevation of Privilege Vulnerability in Qualcomm Radio Driver
An elevation of privilege vulnerability in the Qualcomm radio driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-5345
Elevation of Privilege Vulnerability in Kernel Profiling Subsystem
An elevation of privilege vulnerability in the kernel profiling subsystem
could enable a local malicious application to execute arbitrary code within
the context of the kernel.
CVE-2016-9754
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver
Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8454
CVE-2016-8456
CVE-2016-8457
Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver
An elevation of privilege vulnerability in the Synaptics touchscreen driver
could enable a local malicious application to execute arbitrary code within
the context of the kernel.
CVE-2016-8458
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver
Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could
enable a local malicious application to execute arbitrary code within the
context of the kernel.
CVE-2016-8464
CVE-2016-8465
CVE-2016-8466
Information Disclosure Vulnerabilities in Qualcomm Audio Post Processor
Information disclosure vulnerabilities in the Qualcomm audio post processor
could enable a local malicious application to access data outside of its
permission levels.
CVE-2017-0399
CVE-2017-0400
CVE-2017-0401
CVE-2017-0402
Available Updates
An updated software version is available immediately for BlackBerry
powered by Android smartphones that have been purchased from
ShopBlackBerry.com. Updated software builds may also be available from
other retailers or carriers, dependent on their deployment schedules.
To identify an up to date software build, navigate to the Settings>About
Phone menu. Look for the following Android security patch level:
January 5, 2017
If your BlackBerry powered by Android smartphone does not have an up-to-date
software build available, please contact your retailer or carrier directly
for security maintenance release availability information.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWGyMQYx+lLeg9Ub1AQj/Ew/+M175ATRUlQwH3w4bkecL9goAJ+gFqFWf
EqlVWxpOP1QDM8trQG1sgGvZFjK0cayDjqXRqFowADoL+aTM7DOCnNhhwx82QbVX
/ss0sCDpP0vXP6wyHlyvqEDXaqpm+xMBwIUpeZLCeb/nFUu0eqe/zDh1Xpb1kvJe
Eiyr3m49GjKLCCtVdWqGZ0kLTKVvsKyY0ukk0TOiO1xddikMkPqQW/ifPulb2seP
c9EdcgYEBHzZdzlHzJw05YppJs+8Esvcjj0rAv9jjloqtIsF1rx1XFiSQfX0iHph
ek+2nx2LoPSgOAnRMs+kRU35QkIqdeDSMB2mWYJFXQt5/eirvo3dWRPSUkf8sS3U
EOBfKOUbxAZd/PtudC3ZV0hJ8qqC7+pQOqXdLR+U7c2oYDIYAvZuqsTXGjUJcma4
nocuchDJtDC1HEAblJdwvUeXaOJj2mIpVbTxZYMzBldgA1wXc9OKEQQ9tNUyIMha
g9t+J/dRdQWgLqgLt0P0snih8GHhGdm+tl/yy1jA99X6SPA6/Xqo0/UZ+z5hE92l
xMlh8kGzjGrB7Ksg48MgMk3xpI/9DQz8GGnN4ppit3Mlc4R475COzcW40jOBbi2d
gUc8egRBN9EAaS9qpuzH7s8vNQ1ZWvTgmgYWKPBfEFKe3g7zZSd3hcnTnXJy7TcX
6bDdbIp3Kh8=
=0jlO
-----END PGP SIGNATURE-----