Samsung Mobile April 2017 Update Details

SMR-APR-2017



Samsung Mobile is releasing a maintenance release for major flagship models as part of the monthly Security Maintenance Release (SMR) process.
This SMR package includes patches from Google and Samsung. 

Google patches include patches up to Android Security Bulletin - April 2017 package. 

The Bulletin (April 2017) contains the following CVE items: 
Critical: CVE-2016-8436, CVE-2017-0427, CVE-2014-9914, CVE-2017-0510, CVE-2017-0538, CVE-2017-0539, CVE-2017-0540, CVE-2017-0541, CVE-2017-0542, CVE-2017-0543 
High: CVE-2016-5341, CVE-2017-0516, CVE-2017-0517, CVE-2017-0457, CVE-2017-0520, CVE-2017-0458, CVE-2017-0521, CVE-2017-0525, CVE-2017-0463, CVE-2017-0460, CVE-2017-0455, CVE-2016-8650, CVE-2017-0421, CVE-2017-0413, CVE-2017-0414, CVE-2017-0420, CVE-2017-0544, CVE-2017-0545, CVE-2017-0546, CVE-2016-5552, CVE-2017-0547, CVE-2017-0548, CVE-2017-0549, CVE-2017-0550, CVE-2017-0551, CVE-2017-0552
Moderate: CVE-2016-8417, CVE-2017-0532, CVE-2017-0533, CVE-2017-0534, CVE-2016-8478, CVE-2017-0423, CVE-2017-0553, CVE-2017-0554, CVE-2017-0555, CVE-2017-0556, CVE-2017-0557, CVE-2017-0559, CVE-2017-0560 
Low: 

※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 16 Samsung Vulnerabilities and Exposures (SVE) items, described below, in order to improve our customers' confidence in the security of Samsung Mobile devices.¹
Some of the SVE items may not be included in this package if they were already included in a previous maintenance release.


SVE-2016-6989: Memory Leak in Camera via ion

Severity: Medium
Affected versions: M(6.0), N(7.x) devices with Exynos7420 or Exynos8890 chipset
Reported on: August 25, 2016
Disclosure status: Privately disclosed. 
Carved-out heap memory used by the camera was not initialized to zero until the next memory allocation, resulting in a possible memory leak.
The fix prevents the leak by initializing carved-out heap memory when it is freed.
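
The difference between zeroing at the next allocation and zeroing at free time, shown on a toy carve-out pool. This is an added example, not Samsung's or the ion driver's code. The pool layout, the function names and the 64-byte size are assumptions, and the sample data is constructed.

```c
#include <stddef.h>
#include <string.h>

/* Toy model of a carve-out heap: one fixed region handed out whole.
 * Hypothetical names; not ion, camera driver or Samsung code. */
#define POOL_SIZE 64

struct carveout {
    unsigned char mem[POOL_SIZE];
    int in_use;
};

/* Scrub with volatile writes so the compiler cannot drop it as a dead store. */
static void scrub(struct carveout *p)
{
    volatile unsigned char *v = p->mem;
    for (size_t i = 0; i < POOL_SIZE; i++)
        v[i] = 0;
}

/* Zeroing happens at allocation time: the only scrub in the pre-fix model. */
static unsigned char *carveout_alloc(struct carveout *p)
{
    if (p->in_use)
        return NULL;
    scrub(p);
    p->in_use = 1;
    return p->mem;
}

/* zero_on_free = 0 models the pre-fix free, 1 models the fixed free. */
static void carveout_free(struct carveout *p, int zero_on_free)
{
    if (zero_on_free)
        scrub(p);
    p->in_use = 0;
}

/* Non-zero bytes left in the freed region before the next allocation. */
size_t residue_after_free(int zero_on_free)
{
    struct carveout pool = { {0}, 0 };
    unsigned char *buf = carveout_alloc(&pool);
    size_t n = 0;

    memset(buf, 0xA5, POOL_SIZE);      /* constructed sample "frame" data */
    carveout_free(&pool, zero_on_free);
    for (size_t i = 0; i < POOL_SIZE; i++)
        n += pool.mem[i] != 0;
    return n;
}
```

With scrubbing only at allocation, the previous owner's data stays in the region for as long as it sits unallocated; scrubbing at free closes that window.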


SVE-2016-7901: RKP kernel protection bypass via lack of MSR trapping on Qualcomm devices

Severity: Medium
Affected versions: N(7.0) with Qualcomm chipset
Reported on: December 15, 2016
Disclosure status: Privately disclosed. 
The vulnerability allows attackers to create disallowed memory mappings via RKP kernel protection bypass.
Qualcomm patch is applied.


SVE-2016-7142: Various setting properties can be reset by unprotected intent

Severity: Low
Affected versions: M(6.0), N(7.x)
Reported on: September 21, 2016
Disclosure status: Privately disclosed. 
The vulnerability allows unauthorized processes to reset the configuration of various applications by broadcasting an unprotected intent.
The patch restricts the senders capable of broadcasting the intent by permission.


SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-8119: Crash on several services via Serializable object

Severity: Low
Affected versions: KK(4.4), L(5.0/5.1), M(6.0), N(7.x)
Reported on: January 12, 2017
Disclosure status: Privately disclosed. 
Lack of appropriate exception handling for Intents that include a Serializable instance allows attackers to crash several system processes, resulting in a possible DoS attack.
The patch prevents system crashes by handling unexpected exceptions.


SVE-2017-8285: Crash in SLocation by calling not-implemented API

Severity: Low
Affected versions: M(6.0)
Reported on: February 13, 2017
Disclosure status: Privately disclosed. 
A mismatch between the AIDL declaration of a specific function and its implementation allows attackers to crash the system, resulting in a possible DoS attack.
The patch prevents the crash by removing unused functions.


SVE-2017-8290: User data can be leaked by read log file

Severity: Medium
Affected versions: L(5.0/5.1), M(6.0), N(7.x)
Reported on: February 14, 2017
Disclosure status: Privately disclosed. 
When a device reboots because of an unexpected crash, a large amount of information can be leaked through world-readable log files created at reboot time.
The fix restricts access to the log files by reducing read permissions.


¹ Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements

We truly appreciate the following researchers for helping Samsung improve the security of our products.

- Zhiyun Qian and Dongdong She : SVE-2016-6989 
- Qing Zhang of Xiaomi and Guangdong Bai of Singapore Institute of Technology (SIT) : SVE-2016-7142, SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, SVE-2017-8119 
- Gal Beniamini of Google Project Zero : SVE-2016-7901 
- Ryan Johnson and Angelos Stavrou of Kryptowire : SVE-2017-8290 

