TTCSIRT-140.070618: TT-CSIRT Advisory – Android Security Updates

TTCSIRT-140.070618: TT-CSIRT Advisory – Android Security Updates

Google has released a security update stating that the following issues have been discovered in the Android OS:

a) A remote code execution vulnerability in Framework – (CVE-2018-9433).

b) Multiple remote code execution vulnerabilities in Qualcomm components – (CVE-2018-3586, CVE-2018-5872).

c) A remote code execution vulnerability in System – (CVE-2018-9365).

d) An information disclosure vulnerability in Framework – (CVE-2018-9410).

e) Multiple elevation of privilege vulnerabilities in Kernel components – (CVE-2018-5703).

f) An arbitrary code vulnerability in Media framework – (CVE-2018-9411).

g) A denial of service vulnerability in Media framework – (CVE-2018-9412).

h) An information disclosure vulnerability in Media framework – (CVE-2018-9421).

i) Multiple elevation of privilege vulnerabilities in Media framework – (CVE-2018-9424, CVE-2018-9428).

j) Multiple elevation of privilege vulnerabilities in Qualcomm components – (CVE-2018-5838, CVE-2018-5873).

k) An information disclosure vulnerability in Qualcomm components – (CVE-2018-5855).

l) Multiple information disclosure vulnerabilities in System – (CVE-2018-9419, CVE-2018-9420).

m) An elevation of privilege vulnerability in System – (CVE-2018-9432).
.

Further information on these vulnerabilities and how they can be mitigated can be found at https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-android-os-could-allow-for-remote-code-execution_2018-073/

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Subscribe

Follow on social media:

Facebook-f X-twitter Linkedin-in Instagram