The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Google Android Jelly Bean

vulnerability bulletin CVE-2016-5195

Linux kernel: privilege escalation via Copy On Write, Dirty COW

Synthesis of the vulnerability

A local attacker can generate a memory corruption via a Copy On Write on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: SNS, Cisco ATA, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Cisco Prime DCNM, Cisco CUCM, Debian, NetWorker, BIG-IP Hardware, TMOS, Fedora, Android OS, HP Operations, HP Switch, Junos Space, NSM Central Manager, NSMXpress, Linux, McAfee Email Gateway, openSUSE, openSUSE Leap, Oracle Communications, Palo Alto Firewall PA***, PAN-OS, HDX, RealPresence Resource Manager, Polycom VBP, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data creation/edition.
Provenance: user shell.
Creation date: 20/10/2016.
Identifiers: 1384344, 494072, c05341463, CERTFR-2016-AVI-353, CERTFR-2016-AVI-356, CERTFR-2016-AVI-357, CERTFR-2016-AVI-370, CERTFR-2017-AVI-001, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, cisco-sa-20161026-linux, cpujul2018, CVE-2016-5195, Dirty COW, DLA-670-1, DSA-3696-1, ESA-2016-170, FEDORA-2016-c3558808cd, FEDORA-2016-db4b75b352, HPESBGN03742, HPSBHF03682, JSA10770, JSA10774, K10558632, openSUSE-SU-2016:2583-1, openSUSE-SU-2016:2584-1, openSUSE-SU-2016:2625-1, openSUSE-SU-2016:2649-1, PAN-SA-2017-0003, PAN-SA-2017-0013, PAN-SA-2017-0014, PAN-SA-2017-0016, RHSA-2016:2098-01, RHSA-2016:2105-01, RHSA-2016:2106-01, RHSA-2016:2110-01, RHSA-2016:2118-01, RHSA-2016:2120-01, RHSA-2016:2124-01, RHSA-2016:2126-01, RHSA-2016:2127-01, RHSA-2016:2128-01, RHSA-2016:2132-01, RHSA-2016:2133-01, RHSA-2018:0180-01, SB10177, SB10178, SSA:2016-305-01, STORM-2016-006, SUSE-SU-2016:2585-1, SUSE-SU-2016:2592-1, SUSE-SU-2016:2593-1, SUSE-SU-2016:2596-1, SUSE-SU-2016:2614-1, SUSE-SU-2016:3069-1, SUSE-SU-2016:3304-1, USN-3104-1, USN-3104-2, USN-3105-1, USN-3105-2, USN-3106-1, USN-3106-2, USN-3106-3, USN-3106-4, USN-3107-1, USN-3107-2, VIGILANCE-VUL-20923, VU#243144.

Description of the vulnerability

The Linux kernel supports the Copy On Write operation, which is used to copy memory only when it is modified.

However, a local attacker can manipulate memory so that the COW operation writes to read-only memory.

A local attacker can therefore generate a memory corruption via a Copy On Write on the Linux kernel, in order to trigger a denial of service, and possibly to run code.

computer vulnerability bulletin CVE-2016-7042

Linux kernel: buffer overflow via proc_keys_show

Synthesis of the vulnerability

An attacker can generate a buffer overflow via proc_keys_show() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Android OS, QRadar SIEM, Linux, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: user shell.
Creation date: 14/10/2016.
Identifiers: 1373499, 2011746, CERTFR-2016-AVI-378, CERTFR-2016-AVI-426, CERTFR-2017-AVI-001, CERTFR-2017-AVI-016, CERTFR-2017-AVI-034, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-131, CERTFR-2017-AVI-287, CVE-2016-7042, DLA-670-1, DSA-3696-1, openSUSE-SU-2016:3021-1, openSUSE-SU-2016:3050-1, openSUSE-SU-2016:3058-1, openSUSE-SU-2016:3061-1, RHSA-2017:0817-01, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SUSE-SU-2016:2912-1, SUSE-SU-2016:2976-1, SUSE-SU-2016:3304-1, SUSE-SU-2017:0181-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3126-1, USN-3126-2, USN-3127-1, USN-3127-2, USN-3128-1, USN-3128-2, USN-3128-3, USN-3129-1, USN-3129-2, USN-3161-1, USN-3161-2, USN-3161-3, USN-3161-4, VIGILANCE-VUL-20868.

Description of the vulnerability

The Linux kernel provides the /proc/keys interface to access cryptographic keys.

However, if the size of data is greater than the size of the storage array, an overflow occurs in proc_keys_show().

An attacker can therefore generate a buffer overflow via proc_keys_show() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.

vulnerability alert CVE-2016-7117

Linux kernel: use after free via recvmmsg

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via an application using recvmmsg() on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Android OS, Linux, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Ubuntu.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: internet client.
Creation date: 05/10/2016.
Identifiers: CERTFR-2016-AVI-378, CERTFR-2017-AVI-034, CERTFR-2017-AVI-054, CERTFR-2017-AVI-060, CERTFR-2017-AVI-131, CERTFR-2017-AVI-162, CERTFR-2017-AVI-282, CVE-2016-7117, DSA-3659-1, openSUSE-SU-2016:2625-1, openSUSE-SU-2017:0456-1, openSUSE-SU-2017:0458-1, RHSA-2016:2962-01, RHSA-2017:0031-01, RHSA-2017:0036-01, RHSA-2017:0065-01, RHSA-2017:0086-01, RHSA-2017:0091-01, RHSA-2017:0113-01, RHSA-2017:0196-01, RHSA-2017:0215-01, RHSA-2017:0216-01, RHSA-2017:0217-01, RHSA-2017:0270-01, SUSE-SU-2016:2976-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:0575-1, SUSE-SU-2017:1102-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, USN-3126-1, USN-3126-2, VIGILANCE-VUL-20771.

Description of the vulnerability

The recvmmsg() system call is used to receive several messages on a socket:
  recvmmsg(sockfd, msgvec, vlen, flags, timeout);

However, when an error occurs while fewer messages have been received than requested in the vlen parameter, the __sys_recvmmsg() function writes to a freed memory area.

An attacker can therefore force the usage of a freed memory area via an application using recvmmsg() on the Linux kernel, in order to trigger a denial of service, and possibly to run code.

vulnerability CVE-2015-0572 CVE-2015-8950 CVE-2015-8951

Android OS: multiple vulnerabilities of 2016-10-05

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Android OS.
Impacted products: Android OS.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, denial of service on server, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 53.
Creation date: 04/10/2016.
Identifiers: CERTFR-2016-AVI-326, CVE-2015-0572, CVE-2015-8950, CVE-2015-8951, CVE-2015-8955, CVE-2015-8956, CVE-2016-3860, CVE-2016-3901, CVE-2016-3902, CVE-2016-3903, CVE-2016-3905, CVE-2016-3926, CVE-2016-3927, CVE-2016-3928, CVE-2016-3929, CVE-2016-3930, CVE-2016-3931, CVE-2016-3932, CVE-2016-3933, CVE-2016-3934, CVE-2016-3935, CVE-2016-3936, CVE-2016-3937, CVE-2016-3938, CVE-2016-3939, CVE-2016-3940, CVE-2016-5342, CVE-2016-5343, CVE-2016-5344, CVE-2016-6672, CVE-2016-6673, CVE-2016-6674, CVE-2016-6675, CVE-2016-6676, CVE-2016-6677, CVE-2016-6678, CVE-2016-6679, CVE-2016-6680, CVE-2016-6681, CVE-2016-6682, CVE-2016-6683, CVE-2016-6684, CVE-2016-6685, CVE-2016-6686, CVE-2016-6687, CVE-2016-6688, CVE-2016-6689, CVE-2016-6690, CVE-2016-6691, CVE-2016-6692, CVE-2016-6693, CVE-2016-6694, CVE-2016-6695, CVE-2016-6696, VIGILANCE-VUL-20760.

Description of the vulnerability

Several vulnerabilities were announced in Android OS.

An attacker can bypass security features via MediaTek Video Driver, in order to escalate his privileges. [severity:4/4; CVE-2016-3928]

An attacker can use a vulnerability via Qualcomm, in order to run code. [severity:4/4; CVE-2016-3926]

An attacker can use a vulnerability via Qualcomm, in order to run code. [severity:4/4; CVE-2016-3927]

An attacker can use a vulnerability via Qualcomm, in order to run code. [severity:4/4; CVE-2016-3929]

An attacker can bypass security features via NVIDIA MMC Test Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3930]

An attacker can bypass security features via Qualcomm Secure Execution Environment Communicator Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3931]

An attacker can bypass security features via Mediaserver, in order to escalate his privileges. [severity:3/4; CVE-2016-3932]

An attacker can bypass security features via Mediaserver, in order to escalate his privileges. [severity:3/4; CVE-2016-3933]

An attacker can bypass security features via Qualcomm Camera Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3903]

An attacker can bypass security features via Qualcomm Camera Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3934]

An attacker can bypass security features via Qualcomm Sound Driver, in order to escalate his privileges. [severity:3/4; CVE-2015-8951]

An attacker can bypass security features via Qualcomm Crypto Engine Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3901]

An attacker can bypass security features via Qualcomm Crypto Engine Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3935]

An attacker can bypass security features via MediaTek Video Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3936]

An attacker can bypass security features via MediaTek Video Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3937]

An attacker can bypass security features via Qualcomm Video Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3938]

An attacker can bypass security features via Qualcomm Video Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3939]

An attacker can bypass security features via Synaptics Touchscreen Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3940]

An attacker can bypass security features via Synaptics Touchscreen Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-6672]

An attacker can bypass security features via NVIDIA Camera Driver, in order to escalate his privileges. [severity:3/4; CVE-2016-6673]

An attacker can bypass security features via system_server, in order to escalate his privileges. [severity:3/4; CVE-2016-6674]

An attacker can bypass security features via Qualcomm Wi-Fi driver, in order to escalate his privileges. [severity:3/4; CVE-2016-3905]

An attacker can bypass security features via Qualcomm Wi-Fi driver, in order to escalate his privileges. [severity:3/4; CVE-2016-6675]

An attacker can bypass security features via Qualcomm Wi-Fi driver, in order to escalate his privileges. [severity:3/4; CVE-2016-6676]

An attacker can bypass security features via Qualcomm Wi-Fi driver, in order to escalate his privileges. [severity:3/4; CVE-2016-5342]

An attacker can bypass security features via Kernel Performance Subsystem, in order to escalate his privileges. [severity:3/4; CVE-2015-8955]

An attacker can bypass security features via Kernel ION Subsystem, in order to obtain sensitive information. [severity:3/4; CVE-2015-8950]

An attacker can bypass security features via NVIDIA GPU Driver, in order to obtain sensitive information. [severity:3/4; CVE-2016-6677]

An attacker can bypass security features via Qualcomm Character Driver, in order to escalate his privileges. [severity:2/4; CVE-2015-0572]

An attacker can bypass security features via Qualcomm Sound Driver, in order to obtain sensitive information. [severity:2/4; CVE-2016-3860]

An attacker can bypass security features via Motorola USBNet Driver, in order to obtain sensitive information. [severity:2/4; CVE-2016-6678]

An attacker can bypass security features via Qualcomm Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6679]

An attacker can bypass security features via Qualcomm Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-3902]

An attacker can bypass security features via Qualcomm Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6680]

An attacker can bypass security features via Qualcomm Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6681]

An attacker can bypass security features via Qualcomm Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6682]

An attacker can bypass security features via Kernel Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6683]

An attacker can bypass security features via Kernel Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6684]

An attacker can bypass security features via Kernel Components, in order to obtain sensitive information (VIGILANCE-VUL-20922). [severity:2/4; CVE-2015-8956]

An attacker can bypass security features via Kernel Components, in order to obtain sensitive information. [severity:2/4; CVE-2016-6685]

An attacker can bypass security features via NVIDIA Profiler, in order to obtain sensitive information. [severity:2/4; CVE-2016-6686]

An attacker can bypass security features via NVIDIA Profiler, in order to obtain sensitive information. [severity:2/4; CVE-2016-6687]

An attacker can bypass security features via NVIDIA Profiler, in order to obtain sensitive information. [severity:2/4; CVE-2016-6688]

An attacker can bypass security features via Kernel, in order to obtain sensitive information. [severity:2/4; CVE-2016-6689]

An attacker can trigger a fatal error via Kernel Sound Driver, in order to trigger a denial of service. [severity:1/4; CVE-2016-6690]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-6691]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-6692]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-6693]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-6694]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-6695]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-6696]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-5344]

An unknown vulnerability was announced via Qualcomm Components. [severity:3/4; CVE-2016-5343]

computer vulnerability note CVE-2016-3882 CVE-2016-3900 CVE-2016-3908

Android OS: multiple vulnerabilities of 2016-10-01

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Android OS.
Impacted products: Android OS.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, denial of service on server, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 20.
Creation date: 04/10/2016.
Identifiers: CVE-2016-3882, CVE-2016-3900, CVE-2016-3908, CVE-2016-3909, CVE-2016-3910, CVE-2016-3911, CVE-2016-3912, CVE-2016-3913, CVE-2016-3914, CVE-2016-3915, CVE-2016-3916, CVE-2016-3917, CVE-2016-3918, CVE-2016-3920, CVE-2016-3921, CVE-2016-3922, CVE-2016-3923, CVE-2016-3924, CVE-2016-3925, CVE-2016-5348, VIGILANCE-VUL-20759.

Description of the vulnerability

Several vulnerabilities were announced in Android OS.

An attacker can bypass security features via ServiceManager, in order to escalate his privileges. [severity:3/4; CVE-2016-3900]

An attacker can bypass security features via Lock Settings Service, in order to escalate his privileges. [severity:3/4; CVE-2016-3908]

An attacker can bypass security features via Mediaserver, in order to escalate his privileges. [severity:3/4; CVE-2016-3909]

An attacker can bypass security features via Mediaserver, in order to escalate his privileges. [severity:3/4; CVE-2016-3910]

An attacker can bypass security features via Mediaserver, in order to escalate his privileges. [severity:3/4; CVE-2016-3913]

An attacker can bypass security features via Zygote process, in order to escalate his privileges. [severity:3/4; CVE-2016-3911]

An attacker can bypass security features via Framework APIs, in order to escalate his privileges. [severity:3/4; CVE-2016-3912]

An attacker can bypass security features via Telephony, in order to escalate his privileges. [severity:3/4; CVE-2016-3914]

An attacker can bypass security features via Camera Service, in order to escalate his privileges. [severity:3/4; CVE-2016-3915]

An attacker can bypass security features via Camera Service, in order to escalate his privileges. [severity:3/4; CVE-2016-3916]

An attacker can bypass security features via Fingerprint Login, in order to escalate his privileges. [severity:3/4; CVE-2016-3917]

An attacker can bypass security features via AOSP Mail, in order to obtain sensitive information. [severity:3/4; CVE-2016-3918]

An attacker can trigger a fatal error via Wi-Fi, in order to trigger a denial of service. [severity:3/4; CVE-2016-3882]

An attacker can trigger a fatal error via GPS, in order to trigger a denial of service. [severity:3/4; CVE-2016-5348]

An attacker can trigger a fatal error via Mediaserver, in order to trigger a denial of service. [severity:3/4; CVE-2016-3920]

An attacker can bypass security features via Framework Listener, in order to escalate his privileges. [severity:2/4; CVE-2016-3921]

An attacker can bypass security features via Telephony, in order to escalate his privileges. [severity:2/4; CVE-2016-3922]

An attacker can bypass security features via Accessibility Services, in order to escalate his privileges. [severity:2/4; CVE-2016-3923]

An attacker can bypass security features via Mediaserver, in order to obtain sensitive information. [severity:2/4; CVE-2016-3924]

An attacker can trigger a fatal error via Wi-Fi, in order to trigger a denial of service. [severity:2/4; CVE-2016-3925]

vulnerability bulletin CVE-2016-5180

c-ares: buffer overflow

Synthesis of the vulnerability

An attacker can generate a buffer overflow of c-ares, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, Android OS, Nodejs Core, openSUSE, openSUSE Leap, RHEL, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 03/10/2016.
Identifiers: CVE-2016-5180, DLA-648-1, DSA-3682-1, FEDORA-2016-1cc00cde2d, FEDORA-2016-66d9389548, FEDORA-2016-7a3a0f0198, FEDORA-2016-7aa3c89e7b, FEDORA-2016-a7f9e86df7, openSUSE-SU-2016:2752-1, openSUSE-SU-2016:2960-1, openSUSE-SU-2016:3006-1, openSUSE-SU-2017:0082-1, RHSA-2017:0002-01, USN-3143-1, VIGILANCE-VUL-20743.

Description of the vulnerability

An attacker can generate a buffer overflow of c-ares, in order to trigger a denial of service, and possibly to run code.

computer vulnerability CVE-2016-4997

Linux kernel: memory corruption via IP6T_SO_SET_REPLACE

Synthesis of the vulnerability

An attacker can generate a memory corruption via IP6T_SO_SET_REPLACE on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, Android OS, Linux, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 29/09/2016.
Revision date: 29/09/2016.
Identifiers: CERTFR-2016-AVI-220, CERTFR-2016-AVI-267, CERTFR-2017-AVI-034, CERTFR-2017-AVI-282, CVE-2016-4997, DSA-3607-1, FEDORA-2016-1c409313f4, FEDORA-2016-63ee0999e4, FEDORA-2016-73a733f4d9, openSUSE-SU-2016:1798-1, openSUSE-SU-2016:2144-1, openSUSE-SU-2016:2184-1, openSUSE-SU-2016:2290-1, openSUSE-SU-2017:1140-1, RHSA-2016:1847-01, RHSA-2016:1875-01, RHSA-2016:1883-01, SUSE-SU-2016:1709-1, SUSE-SU-2016:1710-1, SUSE-SU-2016:1937-1, SUSE-SU-2016:1985-1, SUSE-SU-2016:2018-1, SUSE-SU-2016:2105-1, SUSE-SU-2016:2245-1, SUSE-SU-2016:3069-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, USN-3016-1, USN-3016-2, USN-3016-3, USN-3016-4, USN-3017-1, USN-3017-2, USN-3017-3, USN-3018-1, USN-3018-2, USN-3019-1, USN-3020-1, USN-3338-1, USN-3338-2, VIGILANCE-VUL-20735.

Description of the vulnerability

The Linux kernel offers the ip6_tables or ip_tables module.

However, the IP6T_SO_SET_REPLACE or IPT_SO_SET_REPLACE option of setsockopt() does not correctly check offsets, which leads to a memory corruption.

An attacker can therefore generate a memory corruption via IP6T_SO_SET_REPLACE on the Linux kernel, in order to trigger a denial of service, and possibly to run code.

computer vulnerability CVE-2016-4998

Linux kernel: out-of-bounds memory reading via setsockopt

Synthesis of the vulnerability

An attacker can force a read at an invalid address via setsockopt() on the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Debian, Fedora, Android OS, Linux, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 27/06/2016.
Revision date: 29/09/2016.
Identifiers: CERTFR-2016-AVI-220, CERTFR-2016-AVI-267, CERTFR-2017-AVI-001, CERTFR-2017-AVI-034, CERTFR-2017-AVI-053, CERTFR-2017-AVI-282, CVE-2016-4998, DSA-3607-1, FEDORA-2016-1c409313f4, FEDORA-2016-63ee0999e4, FEDORA-2016-73a733f4d9, openSUSE-SU-2016:1798-1, openSUSE-SU-2016:2144-1, openSUSE-SU-2016:2184-1, openSUSE-SU-2016:2290-1, openSUSE-SU-2017:1140-1, RHSA-2016:1847-01, RHSA-2016:1875-01, RHSA-2016:1883-01, RHSA-2017:0036-01, SUSE-SU-2016:1709-1, SUSE-SU-2016:1710-1, SUSE-SU-2016:1937-1, SUSE-SU-2016:1985-1, SUSE-SU-2016:2018-1, SUSE-SU-2016:2105-1, SUSE-SU-2016:2245-1, SUSE-SU-2016:2976-1, SUSE-SU-2016:3069-1, SUSE-SU-2016:3304-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, USN-3016-1, USN-3016-2, USN-3016-3, USN-3016-4, USN-3017-1, USN-3017-2, USN-3017-3, USN-3018-1, USN-3018-2, USN-3019-1, USN-3020-1, VIGILANCE-VUL-19975.

Description of the vulnerability

An attacker can force a read at an invalid address via setsockopt() on the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.

vulnerability bulletin CVE-2016-3861 CVE-2016-3862 CVE-2016-3863

Android OS: multiple vulnerabilities 2016-09-01

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Android OS.
Impacted products: Android OS.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, data creation/edition, denial of service on server, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 19.
Creation date: 07/09/2016.
Revision date: 28/09/2016.
Identifiers: 840, 853, CERTFR-2016-AVI-297, CVE-2016-3861, CVE-2016-3862, CVE-2016-3863, CVE-2016-3870, CVE-2016-3871, CVE-2016-3872, CVE-2016-3875, CVE-2016-3876, CVE-2016-3878, CVE-2016-3879, CVE-2016-3880, CVE-2016-3881, CVE-2016-3883, CVE-2016-3884, CVE-2016-3885, CVE-2016-3886, CVE-2016-3887, CVE-2016-3888, CVE-2016-3889, CVE-2016-3890, CVE-2016-3895, CVE-2016-3896, CVE-2016-3897, CVE-2016-3898, CVE-2016-3899, VIGILANCE-VUL-20533.

Description of the vulnerability

Several vulnerabilities were announced in Android OS.

An attacker can use a vulnerability via LibUtils, in order to run code. [severity:4/4; CVE-2016-3861]

An attacker can use a vulnerability via Mediaserver, in order to run code. [severity:4/4; CVE-2016-3862]

An attacker can use a vulnerability via MediaMuxer, in order to run code. [severity:3/4; CVE-2016-3863]

An attacker can bypass security features via Mediaserver, in order to escalate his privileges. [severity:3/4; CVE-2016-3870, CVE-2016-3871, CVE-2016-3872]

An attacker can bypass security features via Device Boot, in order to escalate his privileges. [severity:3/4; CVE-2016-3875]

An attacker can bypass security features via Settings, in order to escalate his privileges. [severity:3/4; CVE-2016-3876]

An attacker can trigger a fatal error via Mediaserver, in order to trigger a denial of service. [severity:3/4; CVE-2016-3878, CVE-2016-3879, CVE-2016-3880, CVE-2016-3881, CVE-2016-3899]

An attacker can bypass security features via Telephony, in order to escalate his privileges. [severity:2/4; CVE-2016-3883]

An attacker can bypass security features via Notification Manager Service, in order to escalate his privileges. [severity:2/4; CVE-2016-3884]

An attacker can bypass security features via Debuggerd, in order to escalate his privileges. [severity:2/4; 853, CVE-2016-3885]

An attacker can bypass security features via System UI Tuner, in order to escalate his privileges. [severity:2/4; CVE-2016-3886]

An attacker can bypass security features via Settings, in order to escalate his privileges. [severity:2/4; CVE-2016-3887]

An attacker can bypass security features via SMS, in order to escalate his privileges. [severity:2/4; CVE-2016-3888]

An attacker can bypass security features via Settings, in order to escalate his privileges. [severity:2/4; CVE-2016-3889]

An attacker can bypass security features via Java Debug Wire Protocol, in order to escalate his privileges. [severity:2/4; CVE-2016-3890]

An attacker can bypass security features via Mediaserver, in order to obtain sensitive information. [severity:2/4; CVE-2016-3895]

An attacker can bypass security features via AOSP Mail, in order to obtain sensitive information. [severity:2/4; CVE-2016-3896]

An attacker can bypass security features via Wi-Fi, in order to obtain sensitive information. [severity:2/4; CVE-2016-3897]

An attacker can trigger a fatal error via Telephony, in order to trigger a denial of service. [severity:2/4; CVE-2016-3898]

vulnerability note 20334

Android OS: QuadRooter

Synthesis of the vulnerability

Several vulnerabilities were announced in the Qualcomm hardware for Android devices.
Impacted products: Android OS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: user shell.
Creation date: 08/08/2016.
Revision dates: 07/09/2016, 07/09/2016.
Identifiers: QuadRooter, VIGILANCE-VUL-20334.

Description of the vulnerability

Several vulnerabilities were announced in the Qualcomm hardware for Android devices.

They are described in several bulletins, because they are not fixed by the same Android versions:
 - CVE-2016-2503: VIGILANCE-VUL-20040
 - CVE-2016-2504: VIGILANCE-VUL-20288
 - CVE-2016-2059, CVE-2016-5340: VIGILANCE-VUL-20535