Google has released an update for Android, the Android Security Bulletin – November 2016, fixing multiple vulnerabilities in the mobile operating system. As with previous updates, this one was released in three stages. What sets it apart is that more than twenty critical vulnerabilities were fixed in this single update. One of them, an RCE + LPE with the identifier CVE-2016-6725, is present in the Qualcomm cryptographic driver used on devices such as the Google Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel and Pixel XL. The vulnerability allows an attacker to execute code on the device with the privileges of the Android kernel.
Samsung has also fixed vulnerabilities in the Android firmware of its devices with the update SMR-NOV-2016. The company has corrected the Dirty COW LPE vulnerability in the Linux kernel, tracked as SVE-2016-7504 (CVE-2016-5195). Dirty COW was also patched by Google. Unlike Google, Samsung did not specify which device models will receive the firmware update; instead, it indicated that the update will be available for “flagship models”.
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.
Samsung has also fixed a large number of vulnerabilities that are present only in its own devices. For example, the LPE vulnerability SVE-2016-6736 was present in the /dev/fimg2d driver (Samsung Graphics 2D driver) on the company’s devices with Exynos 5433/54xx/7420 chipsets. Samsung has likewise fixed the Dirty COW vulnerability in the Linux kernel, which could be used by attackers to escalate their privileges on the system.
SVE-2016-7504: Linux kernel race condition on CopyOnWrite (DirtyCOW)
Affected versions: All devices
Reported on: October 20, 2016
Disclosure status: Privately disclosed.
Where a lot of write operations and calls to madvise() happen, one of the write operations can reach and write to a read-only memory map by a race condition in the Linux kernel when operating with the CopyOnWrite (COW) operation.
The fix introduces a new “state” for copy-on-write pages which prevents the race condition.
For its Nexus devices, Google has fixed a large number of critical LPE vulnerabilities in various drivers and in the kernel, which could be used by attackers to gain privileges on the system and to locally root the device. For example, several vulnerabilities in the kernel file system, CVE-2015-8961, CVE-2016-7911 and CVE-2016-7910, could be used by attackers to obtain root access to the system, after which the device could require reflashing to recover.
These fixes apply to the following devices: Google Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel and Pixel XL.
The following drivers and subsystems of the Android kernel have been updated:
Qualcomm cryptographic driver.
Kernel file subsystem.
SCSI drivers, and the media, ION, networking and sound subsystems of the kernel.
NVIDIA GPU driver.
Qualcomm camera driver and Qualcomm bus driver.
Synaptics Touchscreen driver.
Dirty COW (CVE-2016-5195) was fixed in the final stage of the update, the 2016-11-06 security patch level.
We recommend that users update their devices!
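Since the article ties the Dirty COW fix to the 2016-11-06 security patch level, a practical follow-up for anyone managing a fleet of Android devices is to check which devices have actually reached that level. The script below is an added example, not code from the article, Google or Samsung: it parses the output of `adb shell getprop` (the real property is `ro.build.version.security_patch`), compares each device's patch level against the three November 2016 stages (2016-11-01, 2016-11-05 and 2016-11-06), and flags devices that still lack the stage carrying CVE-2016-5195. The `getprop` dumps embedded in it are constructed sample data, not captures from real devices.

```python
"""Check Android security patch levels against the November 2016 bulletin.

Added example (not from the original article). Parses `adb shell getprop`
output and reports whether each device has reached the 2016-11-06 patch
level, which the article identifies as the stage carrying the Dirty COW
(CVE-2016-5195) fix. All device dumps below are constructed samples.
"""
from datetime import date
import re

# Patch-level stages of the November 2016 bulletin.
STAGES = {
    "2016-11-01": "stage 1",
    "2016-11-05": "stage 2",
    "2016-11-06": "stage 3 (includes the CVE-2016-5195 Dirty COW fix)",
}
DIRTY_COW_FIXED_LEVEL = date(2016, 11, 6)

# getprop prints lines like: [ro.build.version.security_patch]: [2016-11-06]
_PROP_RE = re.compile(r"^\[([^\]]+)\]: \[([^\]]*)\]$")


def parse_getprop(text):
    """Turn raw `getprop` output into a dict of property name -> value."""
    props = {}
    for line in text.splitlines():
        m = _PROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def patch_level(props):
    """Return the security patch level as a date, or None if absent or malformed."""
    raw = props.get("ro.build.version.security_patch", "")
    try:
        return date.fromisoformat(raw)
    except ValueError:
        return None


def assess(text):
    """Classify one device's getprop dump.

    Returns (status, detail); status is 'patched', 'vulnerable' or 'unknown'.
    A missing or malformed patch level is reported as 'unknown' rather than
    silently treated as patched.
    """
    props = parse_getprop(text)
    level = patch_level(props)
    model = props.get("ro.product.model", "unknown model")
    if level is None:
        return "unknown", f"{model}: no parsable ro.build.version.security_patch"
    if level >= DIRTY_COW_FIXED_LEVEL:
        return "patched", f"{model}: patch level {level} >= 2016-11-06"
    stage = STAGES.get(level.isoformat(), "pre-November-2016 level")
    return "vulnerable", f"{model}: patch level {level} ({stage}) lacks the Dirty COW fix"


# Constructed sample dumps, one per device; not real captures.
SAMPLE_DEVICES = {
    "pixel": "[ro.product.model]: [Pixel]\n"
             "[ro.build.version.security_patch]: [2016-11-06]\n",
    "nexus6p": "[ro.product.model]: [Nexus 6P]\n"
               "[ro.build.version.security_patch]: [2016-11-01]\n",
    "nexus6": "[ro.product.model]: [Nexus 6]\n"
              "[ro.build.version.security_patch]: [2016-10-05]\n",
    "broken": "[ro.product.model]: [Android One]\n"
              "[ro.build.version.security_patch]: []\n",
}


def fleet_report(devices=SAMPLE_DEVICES):
    """Assess every dump, print one line per device and return {name: status}."""
    results = {}
    for name, dump in devices.items():
        status, detail = assess(dump)
        results[name] = status
        print(f"{status:10s} {detail}")
    return results


if __name__ == "__main__":
    fleet_report()
```

The patch-level string is a policy indicator, not proof that a particular kernel patch was merged: on Google's own devices it maps directly to the bulletin stages, but for other vendors (Samsung's “flagship models” above, for instance) the date only tells you which bulletin the firmware claims to cover, so treat a passing result as "expected to be fixed" and a failing or unknown result as a device to update first.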