Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process.
This SMR package includes patches from Google and Samsung.
Google patches include patches up to Android Security Bulletin - July 2017 package.
The Bulletin (July 2017) contains the following CVE items:
Critical: CVE-2017-0564, CVE-2016-9794, CVE-2015-7555, CVE-2017-0540, CVE-2017-0673, CVE-2017-0674, CVE-2017-0675, CVE-2017-0676, CVE-2017-0677, CVE-2017-0678, CVE-2017-0679, CVE-2017-0680, CVE-2017-0681, CVE-2017-0469
High: CVE-2017-6423, CVE-2015-9004, CVE-2014-9940, CVE-2017-0648, CVE-2017-6074, CVE-2017-8253, CVE-2017-8273, CVE-2014-9979, CVE-2015-8595, CVE-2017-0664, CVE-2017-0665, CVE-2017-0666, CVE-2017-0667, CVE-2017-0669, CVE-2017-0670, CVE-2017-0671, CVE-2016-2109, CVE-2017-0672, CVE-2017-0684, CVE-2017-0685, CVE-2017-0686, CVE-2017-0688, CVE-2017-0689, CVE-2017-0690, CVE-2017-0691, CVE-2017-0692, CVE-2017-0693, CVE-2017-0694, CVE-2017-0695, CVE-2017-0696, CVE-2017-0697, CVE-2017-0700, CVE-2017-0701, CVE-2017-0702, CVE-2017-0703, CVE-2017-0642
Moderate: CVE-2017-7368, CVE-2017-7364, CVE-2017-8237, CVE-2015-5707, CVE-2016-5863, CVE-2017-8246, CVE-2017-8256, CVE-2017-8257, CVE-2016-3924, CVE-2017-0493, CVE-2015-7995, CVE-2017-3544, CVE-2017-0698, CVE-2017-0699
Low: CVE-2017-8241
※ Please see Android Security Bulletin for detailed information on Google patches.
Along with Google patches, Samsung Mobile provides 16 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer's confidence on security of Samsung Mobile devices.
Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.
SVE-2016-6879: Lockscreen PIN cursor issue in KK models
Severity: Low
Affected versions: KK(4.4)
Reported on: August 8, 2016
Disclosure status: Privately disclosed.
The PIN type among lock types has a bug resulting in mismatch between displayed password and actual password.
The patch fixes the bug.
SVE-2017-8290: Crash via sending broadcast (AdaptiveDisplayColorService)
Severity: Low
Affected versions: KK(4.4), L(5.0/5.1), M(6.0), N(7.x)
Reported on: February 14, 2017
Disclosure status: Privately disclosed.
Lack of appropriate exception handling for Intents including Serializable instance allows attackers crash several system processes resulting in a possible DoS attack.
The patch prevents system crashes by handling unexpected exceptions.
SVE-2017-8888: Buffer overflow in tlc_server
Severity: Medium
Affected versions: M(6.0), N(7.x)
Reported on: April 11, 2017
Disclosure status: Privately disclosed.
There is a potential buffer overflow vulnerability due to not confirming if the size of source data is smaller than the destination buffer.
The patch removes the problematic code.
SVE-2017-8973: Buffer overflow in process_cipher_tdea
Severity: Low
Affected versions: M(6.0), N(7.x)
Reported on: April 11, 2017
Disclosure status: Privately disclosed.
There is a potential buffer overflow vulnerability due to not verifying input and output parameters’ sizes.
The fix avoids a buffer overflow by checking if the size of output data is the same as input data.
SVE-2017-9109: Unintended memory is disclosed in rkp log
Severity: Medium
Affected versions: M(6.0), N(7.x)
Reported on: May 4, 2017
Disclosure status: Privately disclosed.
The vulnerability allows reading data outside of rkp log buffer boundary due to not checking the boundary.
The applied patch avoids an illegal access to memory by checking the boundary.
SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126: Crash system server via sending broadcast
Severity: Low
Affected versions: N(7.x)
Reported on: May 10, 2017
Disclosure status: Privately disclosed.
Lack of appropriate exception handling for some Intents which cause NullPointerException allows attackers crash a system process resulting in a possible DoS attack.
The patch protects the receiver by changing to protected intent.
Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.
Acknowledgements
We truely appreciate the following researchers for helping Samsung to improve the security of our products.
- Taaha Rauf : SVE-2017-8286, SVE-2016-6879
- Ryan Johnson and Angelos Stavrou of Kryptowire : SVE-2017-8290, SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, SVE-2017-9126
- Daniel Komaromy : SVE-2017-8888, SVE-2017-8973
- David Berard : SVE-2017-9109
'취약점 정보2' 카테고리의 다른 글
Apache Struts2 원격 코드 실행 취약점 주의 권고 (0) | 2017.07.10 |
---|---|
LG모바일 7월 취약점 요약 (0) | 2017.07.09 |
Apache Struts 2 업데이트 권고 (0) | 2017.07.08 |
BIND DNS 신규 취약점 보안 업데이트 권고 (0) | 2017.07.03 |
Cisco IOS 소프트웨어 신규 취약점 주의 권고 (0) | 2017.07.03 |