본문 바로가기

취약점 정보2

Lg 모바일 8월 업데이트 안내

728x90

LG Mobile Security Maintenance Release Summary (SMR)

The August Security Bulletin contains the 61 patches for the vulnerabilities from Google and LGE. The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. It also includes patches for the vulnerabilities. Almost security patch level is "2017-08-01" and the patches contains modified codes about the 60 CVE and 1 LVE items.

Security issues Summary

CVE Items from Google patch (Android Bulletin August 2017)
  • critical: 
    CVE-2017-0714
    CVE-2017-0715
    CVE-2017-0716
    CVE-2017-0718
    CVE-2017-0719
    CVE-2017-0720
    CVE-2017-0721
    CVE-2017-0722
    CVE-2017-0723
    CVE-2017-0745
    CVE-2017-0407
    CVE-2017-9417
  • high: 
    CVE-2017-0713
    CVE-2017-0724
    CVE-2017-0725
    CVE-2017-0726
    CVE-2017-0727
    CVE-2017-0728
    CVE-2017-0729
    CVE-2017-0730
    CVE-2017-0731
    CVE-2017-0732
    CVE-2017-0733
    CVE-2017-0734
    CVE-2017-0735
    CVE-2017-0736
    CVE-2017-0687
    CVE-2017-0737
    CVE-2017-6074
    CVE-2017-5970
    CVE-2017-0711
    CVE-2017-8255
    CVE-2016-10389
    CVE-2017-8253
    CVE-2017-8262
    CVE-2017-8263
    CVE-2017-8267
    CVE-2017-8273
  • moderate: 
    CVE-2017-0712
    CVE-2017-0738
    CVE-2017-0739
    CVE-2017-0705
    CVE-2017-0706
    CVE-2015-5707
    CVE-2017-0710
    CVE-2017-7308
    CVE-2014-9731
    CVE-2016-5863
    CVE-2017-8243
    CVE-2017-8246
    CVE-2017-8256
    CVE-2017-8257
    CVE-2017-8259
    CVE-2017-8260
    CVE-2017-8261
    CVE-2017-8264
    CVE-2017-8265
    CVE-2017-8266
    CVE-2017-8268
    CVE-2017-8270
    CVE-2017-8271
    CVE-2017-8272
    CVE-2017-8254
    CVE-2017-8258
    CVE-2017-8269
  • low: 
    N/A
LG Vulnerabilities and Exposures(LVE) Items from LG
  • high: 
    LVE-SMP-170014

Security issues Details

You can see the detail information on Google patches from Android Security Bulletin site.There is a description of the security issue, a severity, affected devices information and date reported.

LVE-SMP-170014
  • Severity : High
  • Date reported : April 20, 2017
  • Affected device information : Android devices with OS 6.0, 6.0.1, 7.0.0, 7.1.1
  • Description : 
    After Android for Work(AfW) work profile provisioned, users cannot install certificates into work profile keystore due to the master key inexistence that usally used to encrypt or decrypt all keys in work profile keystore.
728x90