The July Android Security Bulletin introduced a pretty severe issue with the Broadcom Wi-Fi chipset as well as the media framework getting hit with a few critical bugs. Let’s take a look at the highlights, so you can begin to understand why it’s so important to keep your device regularly updated.
SEE: Guidelines for building security policies (Tech Pro Research)
Check the security release on your Android device
Before we dive into what’s included with this month’s bulletin, it’s always good to know what security release is installed on your device.
To my surprise, my daily driver OnePlus 3 is still running the May 1, 2017 Security Patch. To find out what patch level you are running, open Settings and go to About Phone. Scroll down until you see Android security patch level (Figure A).
Now let’s look at the vulnerabilities affecting the Android platform.
The first issue we must highlight effects the Broadcom Wi-Fi chipset. This particular vulnerability can cause millions of mobile devices to be open to remote hacking and would allow a nearby attacker to execute arbitrary code within the context of the kernel. This vulnerability has been dubbed BroadPwn and can be found in the Broadcom BCM43xx family of Wi-Fi chipsets. This will affect HTC, LG, Nexus and nearly the full range of Samsung flagship devices. Because of the possibility of remote hijacking of a device, via the Broadcom Wi-Fi chipset, this issue has been rated critical.
Related bug: CVE-2017-9417
SEE: Mobile devices with Broadcom chipsets may be vulnerable to Wi-Fi hijacking
What would a month be without a critical issue found within the media framework? This time around there are 10 critical bugs found with this particular framework that could enable a remote attacker, using a specially crafted file, to execute arbitrary code within the context of a privileged process. Because of the possibility of remote code execution, this issue has been rated as critical.
Related bugs: CVE-2017-0540, CVE-2017-0673, CVE-2017-0674, CVE-2017-0675, CVE-2017-0676, CVE-2017-0677, CVE-2017-0678, CVE-2017-0679, CVE-2017-0680, CVE-2017-0681.
Interestingly enough, that’s it for the critical vulnerabilities.
There are a number of vulnerabilities marked high. They include the following.
Two issues were found within the kernel that could enable malicious applications to execute arbitrary code within the context of a privileged process. The two issues that were marked as high were both found with the Networking Subsystem.
Related bugs: CVE-2017-6074, CVE-2017-5970
A buffer overflow issue, that affects an unknown function within the NVIDIA libnvparser component, was discovered. This vulnerability could enable a local malicious application to execute arbitrary code within the context of a privileged process, giving it access it clearly shouldn’t have.
Related bug: CVE-2017-0340
There were also a number of Qualcomm vulnerabilities listed as high and moderate. However, most of these issues have already been resolved, thanks to Qualcomm.
Quality, not quantity
Don’t let the small number of issues fool you; the Broadcomm Wi-Fi vulnerability alone should give you enough reason to be checking for updates on a daily basis. If you’re in the same situation as am I, your device’s patch level is uncomfortably behind.
Other than that, the July Security Bulletin offered us a nice respite from the massive listing of vulnerabilities we’ve seen of late.
Upgrade and update
The developers will work diligently to patch the vulnerabilities, but it is up to the end users to ensure the fixes find their way to devices. Make sure you not only check for updates, but that you apply them as soon as they are available.
To see the full listing of vulnerabilities, check out the full July 2017 Android Security Bulletin.