TTCSIRT-108.040618: TT-CSIRT Advisory – Android Security Updates

TTCSIRT-108.040618: TT-CSIRT Advisory – Android Security Updates

Google has released a security update stating that multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution within the context of a privileged process.

Details are as follows:

a) An elevation of privilege vulnerability in Android runtime – (CVE-2017-13274)

b) An arbitrary code vulnerability in Broadcom components – (CVE-2017-13292)

c) An information disclosure vulnerability in Framework – (CVE-2017-13275)

d) An elevation of privilege vulnerability in Kernel components – (CVE-2017-13293)

e) Multiple information disclosure vulnerabilities in Kernel components – (CVE-2017-1653, CVE-2017-5754)

f) Multiple arbitrary code vulnerabilities in Media framework – (CVE-2017-13276, CVE-2017-13277)

g) An elevation of privilege vulnerability in Media framework – (CVE-2017-13278)

h) An information disclosure vulnerability in Qualcomm components – (CVE-2017-13077)

i) An arbitrary code vulnerability in Qualcomm components – (CVE-2017-15822)

j) Multiple elevation of privilege vulnerabilities in Qualcomm components – (CVE-2017-17770, CVE-2018-3563, CVE-2018-3566)

k) Multiple arbitrary code vulnerabilities in System – (CVE-2017-13267, CVE-2017-13281, CVE-2017-13282, CVE-2017-13283, CVE-2017-13285)

l) Multiple elevation of privilege vulnerabilities in System – (CVE-2017-13284, CVE-2017-13286, CVE-2017-13287, CVE-2017-13288, CVE-2017-13289)

m) An information disclosure vulnerability in System – (CVE-2017-13290)

n) A denial of service vulnerability in System – (CVE-2017-13291)

These vulnerabilities could be exploited through multiple methods such as email, web browsing, and MMS when processing media files.

Depending on the privileges associated with the application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.

Further information on these vulnerabilities and how they can be mitigated can be found at https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-android-os-could-allow-for-arbitrary-code-execution_2018-037/