Google released yesterday its monthly security bulletin containing fixes for the Android mobile operating system, and the company says it fixed a critical vulnerability that allowed attackers to execute code on user devices via a malicious multimedia file sent via MMS or the Web.
Google also rebranded the monthly update train, which from now on will be known as the Android Security Bulletin. Previously it was known as the Nexus Security Bulletin because the company offered all the updates automatically as over-the-air (OTA) updates to all of its Nexus devices.
Since almost all major OEMs are now taking Google's security updates and diligently integrating them into their bastard Android versions, the company decided that using the Android Security Bulletin is now an indicative of the real-world situation.
Google addressed 40 security issues
For the month of May 2016, Google announced 40 security fixes for Android, of which twelve were labeled as critical, the highest severity level that can be assigned.
These issues fixed RCE bugs in the Mediaserver component, and elevation of privilege vulnerabilities in the Debuggerd, Qualcomm TrustZone, Wi-Fi Driver, NVIDIA Video Driver, and Kernel components.
All these latter issues may lead to a permanent device compromise, which may require reflashing the operating system to repair the device.
Weichao Sun, security researcher at Alibaba, discovered the most severe issue, the one in the Mediaserver component. The bug affected all Android versions supported by Google (4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1), which received a patch against this type of exploit.
Other security researchers that contributed to the May 2016 Android Security Bulletin include infosec experts from Google, C0RE Team, Trend Micro, Baidu, Qihoo 360, Mandiant, and e2e-assure.
Issue | CVE | Severity | Affects Nexus? |
---|---|---|---|
Remote Code Execution Vulnerability in Mediaserver | CVE-2016-2428 CVE-2016-2429 |
Critical | Yes |
Elevation of Privilege Vulnerability in Debuggerd | CVE-2016-2430 | Critical | Yes |
Elevation of Privilege Vulnerability in Qualcomm TrustZone | CVE-2016-2431 CVE-2016-2432 |
Critical | Yes |
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver | CVE-2015-0569 CVE-2015-0570 |
Critical | Yes |
Elevation of Privilege Vulnerability in NVIDIA Video Driver | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2437 |
Critical | Yes |
Elevation of Privilege Vulnerability in Kernel | CVE-2015-1805 | Critical | Yes |
Remote Code Execution Vulnerability in Kernel | CVE-2016-2438 | High | Yes |
Information Disclosure Vulnerability in Qualcomm Tethering Controller | CVE-2016-2060 | High | No |
Remote Code Execution in Bluetooth | CVE-2016-2439 | High | Yes |
Elevation of Privilege in Binder | CVE-2016-2440 | High | Yes |
Elevation of Privilege Vulnerability in Qualcomm Buspm Driver | CVE-2016-2441 CVE-2016-2442 |
High | Yes |
Elevation of Privilege Vulnerability in Qualcomm MDP Driver | CVE-2016-2443 | High | Yes |
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver | CVE-2015-0571 | High | Yes |
Elevation of Privilege Vulnerability in NVIDIA Video Driver | CVE-2016-2444 CVE-2016-2445 CVE-2016-2446 |
High | Yes |
Elevation of Privilege in Wi-Fi | CVE-2016-2447 | High | Yes |
Elevation of Privilege Vulnerability in Mediaserver | CVE-2016-2448 CVE-2016-2449 CVE-2016-2450 CVE-2016-2451 CVE-2016-2452 |
High | Yes |
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver | CVE-2016-2453 | High | Yes |
Remote Denial of Service Vulnerability in Qualcomm Hardware Codec | CVE-2016-2454 | High | Yes |
Elevation of Privilege in Conscrypt | CVE-2016-2461 CVE-2016-2462 |
Moderate | Yes |
Elevation of Privilege Vulnerability in OpenSSL & BoringSSL | CVE-2016-0705 | Moderate | Yes |
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver | CVE-2016-2456 | Moderate | Yes |
Elevation of Privilege in Wi-Fi | CVE-2016-2457 | Moderate | Yes |
Information Disclosure Vulnerability in AOSP Mail | CVE-2016-2458 | Moderate | Yes |
Information Disclosure Vulnerability in Mediaserver | CVE-2016-2459 CVE-2016-2460 |
Moderate | Yes |
Denial of Service Vulnerability in Kernel | CVE-2016-0774 | Low | Yes |