Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution

ITS Advisory Number: 
2017-063 - UPDATED
Date(s) Issued: 
Friday, July 7, 2017
Date Updated: 
Thursday, August 3, 2017
Subject: 
Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution
Overview: 

Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for arbitrary code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. These vulnerabilities could be exploited through multiple methods such as email, web browsing, and MMS when processing media files. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the application. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.

AUGUST 3, 2017 - UPDATED OVERVIEW:

Additional vulnerabilities have been reported in products using Broadcom's Wi-Fi chip driver. This vulnerability affects multiple versions of Google Chrome OS.

Systems Affected: 
  • Android OS builds utilizing Security Patch Levels prior to July 5, 2017

AUGUST 3, 2017 - UPDATED SYSTEM AFFECTED:

  • Google Chrome OS versions prior to 60.0.3112.80

RISK
GOVERNMENT
Large and medium government entities: 
High
Small government entities: 
High
BUSINESS
Large and medium business entities: 
High
Small business entities: 
High
Home Users: 
High
Description: 

Google Android OS is prone to multiple vulnerabilities, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows:

  • An arbitrary code execution vulnerability in Runtime. (CVE-2017-3544)

  • Multiple arbitrary code execution vulnerabilities in Framework. (CVE-2017-0664, CVE-2017-0665, CVE-2017-0666, CVE-2017-0667, CVE-2017-0668, CVE-2017-0669, CVE-2017-0670)

  • Multiple arbitrary code execution vulnerabilities in Libraries. (CVE-2017-0671, CVE-2016-2109, CVE-2017-0672)

  • Multiple arbitrary code execution vulnerabilities in Media Framework. (CVE-2017-0540, CVE-2017-0673, CVE-2017-0674, CVE-2017-0675, CVE-2017-0676, CVE-2017-0677, CVE-2017-0678, CVE-2017-0679, CVE-2017-0680, CVE-2017-0681, CVE-2017-0682, CVE-2017-0683, CVE-2017-0684, CVE-2017-0685, CVE-2017-0686, CVE-2017-0688, CVE-2017-0689, CVE-2017-0690, CVE-2017-0691 ,CVE-2017-0692, CVE-2017-0693, CVE-2017-0694, CVE-2017-0695, CVE-2017-0696, CVE-2017-0697, CVE-2017-0698, CVE-2017-0699)

  • Multiple arbitrary code execution vulnerabilities in System UI. (CVE-2017-0700, CVE-2017-0701, CVE-2017-0702, CVE-2017-0703, CVE-2017-0704)

  • Multiple arbitrary code execution vulnerabilities in Broadcom Components. (CVE-2017-9417, CVE-2017-0705, CVE-2017-0706)

  • Multiple arbitrary code execution vulnerabilities in HTC Components. (CVE-2017-0707, CVE-2017-0708, CVE-2017-0709)

  • Multiple Arbitrary code execution in Kernel Components. (CVE-2017-6074, CVE-2017-5970, CVE-2015-5707, CVE-2017-0710, CVE-2017-7308, CVE-2014-9731)

  • An arbitrary code execution vulnerability in MediaTek Components. (CVE-2017-0711)

  • Multiple arbitrary code execution vulnerabilities in NVIDIA Components. (CVE-2017-0340, CVE-2017-0326)

  • Multiple arbitrary code execution vulnerabilities in Qualcomm Components. (CVE-2017-8255, CVE-2016-10389, CVE-2017-8253, CVE-2017-8262, CVE-2017-8263, CVE-2017-8267, CVE-2017-8273, CVE-2016-5863, CVE-2017-8243, CVE-2017-8246, CVE-2017-8256, CVE-2017-8257, CVE-2017-8259, CVE-2017-8260  CVE-2017-8261, CVE-2017-8264, CVE-2017-8265, CVE-2017-8266, CVE-2017-8268, CVE-2017-8270, CVE-2017-8271, CVE-2017-8272, CVE-2017-8254, CVE-2017-8258, CVE-2017-8269)

  • Multiple arbitrary code execution vulnerabilities in Qualcomm Closed-Source Components. (CVE-2014-9411, CVE-2014-9968, CVE-2014-9973, CVE-2014-9974, CVE-2014-9975, CVE-2014-9977, CVE-2014-9978, CVE-2014-9979, CVE-2014-9980, CVE-2015-0575, CVE-2015-8592, CVE-2015-8595, CVE-2015-8596, CVE-2015-9034, CVE-2015-9035, CVE-2015-9036, CVE-2015-9037, CVE-2015-9038, CVE-2015-9039, CVE-2015-9040, CVE-2015-9041, CVE-2015-9042, CVE-2015-9043, CVE-2015-9044, CVE-2015-9045, CVE-2015-9046, CVE-2015-9047, CVE-2015-9048, CVE-2015-9049, CVE-2015-9050, CVE-2015-9051, CVE-2015-9052, CVE-2015-9053, CVE-2015-9054, CVE-2015-9055, CVE-2015-9060, CVE-2015-9061, CVE-2015-9062, CVE-2015-9067, CVE-2015-9068, CVE-2015-9069, CVE-2015-9070, CVE-2015-9071, CVE-2015-9072, CVE-2015-9073, CVE-2016-10343, CVE-2016-10344, CVE-2016-10346, CVE-2016-10347, CVE-2016-10382, CVE-2016-10383, CVE-2016-10388, CVE-2016-10391, CVE-2016-5871, CVE-2016-5872)

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the application. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.

AUGUST 3, 2017 - UPDATED DESCRIPTION:

Broadcom Wi-Fi chip drivers are prone to two vulnerabilities that could allow a remote attacker to execute arbitrary code within the context of the application and gain elevated privileges. Successful exploitation could result in an attacker compromising data security, potentially allowing access to confidential data, or could compromise processing resources in a user's computer. Updates are available for affected versions of Google Chrome.

  • Arbitrary code execution vulnerabilities within the context of the kernel. (CVE-2017-9417)
  • Multiple privilege-escalation vulnerabilities in Broadcom components. (CVE-2017-0705, CVE-2017-0706)
Actions: 
  • After appropriate testing, immediately apply appropriate updates provided by Google Android or mobile carriers to vulnerable systems.

  • Verify no unauthorized system modifications have occurred on system before applying patch.

  • Apply the principle of Least Privilege to all systems and services.

  • Remind users not to visit websites or follow links provided by unknown or untrusted sources.

References: 

Android:

https://source.android.com/security/bulletin/2017-07-01

 

CVE:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9411

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9731

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9968

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9973

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9974

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9975

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9977

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9978

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9979

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9980

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0575

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8592

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8595

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8596

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9034

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9035

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9036

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9037

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9038

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9039

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9040

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9041

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9042

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9043

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9044

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9045

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9046

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9047

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9048

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9049

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9050

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9051

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9052

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9053

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9054

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9055

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9060

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9061

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9062

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9067

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9068

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9069

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9070

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9071

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9072

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9073

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5863

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5871

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5872

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10343

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10344

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10346

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10347

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10382

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10383

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10388

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10389

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10391

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0340

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0326

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0540

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0673

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0674

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0675

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0676

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0677

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0678

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0679

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0680

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0681

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0682

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0683

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0684

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0685

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0686

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0688

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0689

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0690

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0691

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0692

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0693

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0694

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0695

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0696

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0697

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0698

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0699

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0664

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0665

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0666

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0667

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0668

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0669

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0670

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0671

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0672

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0700

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0701

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0702

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0703

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0704

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0705

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0706

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0707

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0708

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0709

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0710

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0711

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5970

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6074

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7308

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8255

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8253

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8262

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8263

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8267

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8273

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8243

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8246

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8256

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8257

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8259

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8260

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8261

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8264

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8265

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8266

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8268

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8270

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8271

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8272

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8254

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8258

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8269

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9417

AUGUST 3, 2017 - UPDATED REFERENCES:

Google:

https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-chrome-os.html

CVE:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0705

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0706

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9417

 

SecurityDaily:

http://securitydaily.org/black-hat-2017-coming-time-update-phone