본문 바로가기

취약점 정보2

삼성모바일 7월 업데이트 내역

728x90

Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process.
This SMR package includes patches from Google and Samsung.

Google patches include patches up to Android Security Bulletin - July 2017 package.

The Bulletin (July 2017) contains the following CVE items:
Critical: CVE-2017-0564, CVE-2016-9794, CVE-2015-7555, CVE-2017-0540, CVE-2017-0673, CVE-2017-0674, CVE-2017-0675, CVE-2017-0676, CVE-2017-0677, CVE-2017-0678, CVE-2017-0679, CVE-2017-0680, CVE-2017-0681, CVE-2017-0469
High: CVE-2017-6423, CVE-2015-9004, CVE-2014-9940, CVE-2017-0648, CVE-2017-6074, CVE-2017-8253, CVE-2017-8273, CVE-2014-9979, CVE-2015-8595, CVE-2017-0664, CVE-2017-0665, CVE-2017-0666, CVE-2017-0667, CVE-2017-0669, CVE-2017-0670, CVE-2017-0671, CVE-2016-2109, CVE-2017-0672, CVE-2017-0684, CVE-2017-0685, CVE-2017-0686, CVE-2017-0688, CVE-2017-0689, CVE-2017-0690, CVE-2017-0691, CVE-2017-0692, CVE-2017-0693, CVE-2017-0694, CVE-2017-0695, CVE-2017-0696, CVE-2017-0697, CVE-2017-0700, CVE-2017-0701, CVE-2017-0702, CVE-2017-0703, CVE-2017-0642
Moderate: CVE-2017-7368, CVE-2017-7364, CVE-2017-8237, CVE-2015-5707, CVE-2016-5863, CVE-2017-8246, CVE-2017-8256, CVE-2017-8257, CVE-2016-3924, CVE-2017-0493, CVE-2015-7995, CVE-2017-3544, CVE-2017-0698, CVE-2017-0699
Low: CVE-2017-8241

※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 16 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer's confidence on security of Samsung Mobile devices.
Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2016-6879: Lockscreen PIN cursor issue in KK models

Severity: Low
Affected versions: KK(4.4)
Reported on: August 8, 2016
Disclosure status: Privately disclosed.
The PIN type among lock types has a bug resulting in mismatch between displayed password and actual password.
The patch fixes the bug.


SVE-2017-8290: Crash via sending broadcast (AdaptiveDisplayColorService)

Severity: Low
Affected versions: KK(4.4), L(5.0/5.1), M(6.0), N(7.x)
Reported on: February 14, 2017
Disclosure status: Privately disclosed.
Lack of appropriate exception handling for Intents including Serializable instance allows attackers crash several system processes resulting in a possible DoS attack.
The patch prevents system crashes by handling unexpected exceptions.


SVE-2017-8888: Buffer overflow in tlc_server

Severity: Medium
Affected versions: M(6.0), N(7.x)
Reported on: April 11, 2017
Disclosure status: Privately disclosed.
There is a potential buffer overflow vulnerability due to not confirming if the size of source data is smaller than the destination buffer.
The patch removes the problematic code.


SVE-2017-8973: Buffer overflow in process_cipher_tdea

Severity: Low
Affected versions: M(6.0), N(7.x)
Reported on: April 11, 2017
Disclosure status: Privately disclosed.
There is a potential buffer overflow vulnerability due to not verifying input and output parameters’ sizes.
The fix avoids a buffer overflow by checking if the size of output data is the same as input data.


SVE-2017-9109: Unintended memory is disclosed in rkp log

Severity: Medium
Affected versions: M(6.0), N(7.x)
Reported on: May 4, 2017
Disclosure status: Privately disclosed.
The vulnerability allows reading data outside of rkp log buffer boundary due to not checking the boundary.
The applied patch avoids an illegal access to memory by checking the boundary.


SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126: Crash system server via sending broadcast

Severity: Low
Affected versions: N(7.x)
Reported on: May 10, 2017
Disclosure status: Privately disclosed.
Lack of appropriate exception handling for some Intents which cause NullPointerException allows attackers crash a system process resulting in a possible DoS attack.
The patch protects the receiver by changing to protected intent.


Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements

We truely appreciate the following researchers for helping Samsung to improve the security of our products.

- Taaha Rauf : SVE-2017-8286, SVE-2016-6879
- Ryan Johnson and Angelos Stavrou of Kryptowire : SVE-2017-8290, SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, SVE-2017-9126
- Daniel Komaromy : SVE-2017-8888, SVE-2017-8973
- David Berard : SVE-2017-9109

728x90