ESB-2017.1686 - [Android] Android: Multiple vulnerabilities 2017-07-06

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.1686
                    Android Security Bulletin July 2017
                                6 July 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Android
Publisher:         Google
Operating System:  Android
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Root Compromise                 -- Existing Account      
                   Modify Arbitrary Files          -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-9417 CVE-2017-8273 CVE-2017-8272
                   CVE-2017-8271 CVE-2017-8270 CVE-2017-8269
                   CVE-2017-8268 CVE-2017-8267 CVE-2017-8266
                   CVE-2017-8265 CVE-2017-8264 CVE-2017-8263
                   CVE-2017-8262 CVE-2017-8261 CVE-2017-8260
                   CVE-2017-8259 CVE-2017-8258 CVE-2017-8257
                   CVE-2017-8256 CVE-2017-8255 CVE-2017-8254
                   CVE-2017-8253 CVE-2017-8246 CVE-2017-8243
                   CVE-2017-7308 CVE-2017-6074 CVE-2017-5970
                   CVE-2017-3544 CVE-2017-0711 CVE-2017-0710
                   CVE-2017-0709 CVE-2017-0708 CVE-2017-0707
                   CVE-2017-0706 CVE-2017-0705 CVE-2017-0704
                   CVE-2017-0703 CVE-2017-0702 CVE-2017-0701
                   CVE-2017-0700 CVE-2017-0699 CVE-2017-0698
                   CVE-2017-0697 CVE-2017-0696 CVE-2017-0695
                   CVE-2017-0694 CVE-2017-0693 CVE-2017-0692
                   CVE-2017-0691 CVE-2017-0690 CVE-2017-0689
                   CVE-2017-0688 CVE-2017-0686 CVE-2017-0685
                   CVE-2017-0684 CVE-2017-0683 CVE-2017-0682
                   CVE-2017-0681 CVE-2017-0680 CVE-2017-0679
                   CVE-2017-0678 CVE-2017-0677 CVE-2017-0676
                   CVE-2017-0675 CVE-2017-0674 CVE-2017-0673
                   CVE-2017-0672 CVE-2017-0671 CVE-2017-0670
                   CVE-2017-0669 CVE-2017-0668 CVE-2017-0667
                   CVE-2017-0666 CVE-2017-0665 CVE-2017-0664
                   CVE-2017-0642 CVE-2017-0540 CVE-2017-0340
                   CVE-2017-0326 CVE-2016-10391 CVE-2016-10389
                   CVE-2016-10388 CVE-2016-10383 CVE-2016-10382
                   CVE-2016-10347 CVE-2016-10346 CVE-2016-10344
                   CVE-2016-10343 CVE-2016-5872 CVE-2016-5871
                   CVE-2016-5863 CVE-2016-2109 CVE-2015-9073
                   CVE-2015-9072 CVE-2015-9071 CVE-2015-9070
                   CVE-2015-9069 CVE-2015-9068 CVE-2015-9067
                   CVE-2015-9062 CVE-2015-9061 CVE-2015-9060
                   CVE-2015-9055 CVE-2015-9054 CVE-2015-9053
                   CVE-2015-9052 CVE-2015-9051 CVE-2015-9050
                   CVE-2015-9049 CVE-2015-9048 CVE-2015-9047
                   CVE-2015-9046 CVE-2015-9045 CVE-2015-9044
                   CVE-2015-9043 CVE-2015-9042 CVE-2015-9041
                   CVE-2015-9040 CVE-2015-9039 CVE-2015-9038
                   CVE-2015-9037 CVE-2015-9036 CVE-2015-9035
                   CVE-2015-9034 CVE-2015-8596 CVE-2015-8595
                   CVE-2015-8592 CVE-2015-5707 CVE-2015-0575
                   CVE-2014-9980 CVE-2014-9979 CVE-2014-9978
                   CVE-2014-9977 CVE-2014-9975 CVE-2014-9974
                   CVE-2014-9973 CVE-2014-9968 CVE-2014-9731
                   CVE-2014-9411  

Reference:         ASB-2017.0080
                   ASB-2017.0078
                   ESB-2017.1685
                   ESB-2017.1539
                   ESB-2017.1420

Original Bulletin: 
   https://source.android.com/security/bulletin/2017-07-01

- --------------------------BEGIN INCLUDED TEXT--------------------

Android Security Bulletin July 2017

Published July 5, 2017

The Android Security Bulletin contains details of security vulnerabilities 
affecting Android devices. Security patch levels of July 05, 2017 or later 
address all of these issues. Refer to the Pixel and Nexus update schedule to 
learn how to check a device's security patch level.

Partners were notified of the issues described in the bulletin at least a 
month ago. Source code patches for these issues will be released to the 
Android Open Source Project (AOSP) repository in the next 48 hours. We will 
revise this bulletin with the AOSP links when they are available.

The most severe of these issues is a critical security vulnerability in media
framework that could enable a remote attacker using a specially crafted file 
to execute arbitrary code within the context of a privileged process. The 
severity assessment is based on the effect that exploiting the vulnerability 
would possibly have on an affected device, assuming the platform and service 
mitigations are turned off for development purposes or if successfully 
bypassed.

We have had no reports of active customer exploitation or abuse of these newly
reported issues. Refer to the Android and Google Play Protect mitigations 
section for details on the Android security platform protections and Google 
Play Protect, which improve the security of the Android platform.

We encourage all customers to accept these updates to their devices.

Note: Information on the latest over-the-air update (OTA) and firmware images
for Google devices is available in the Google device updates section.

Announcements

This bulletin has two security patch level strings to provide Android partners
with the flexibility to more quickly fix a subset of vulnerabilities that are
similar across all Android devices. See Common questions and answers for 
additional information: 2017-07-01: Partial security patch level string. This
security patch level string indicates that all issues associated with 
2017-07-01 (and all previous security patch level strings) are addressed. 
2017-07-05: Complete security patch level string. This security patch level 
string indicates that all issues associated with 2017-07-01 and 2017-07-05 
(and all previous security patch level strings) are addressed. Android and 
Google Play Protect mitigations

This is a summary of the mitigations provided by the Android security platform
and service protections such as Google Play Protect. These capabilities reduce
the likelihood that security vulnerabilities could be successfully exploited 
on Android.

Exploitation for many issues on Android is made more difficult by enhancements
in newer versions of the Android platform. We encourage all users to update to
the latest version of Android where possible. The Android security

 actively monitors for abuse through Google Play Protect and warns users about
Potentially Harmful Applications. Google Play Protect is enabled by default on
devices with Google Mobile Services, and is especially important for users who
install apps from outside of Google Play. 2017-07-01 security patch 
levelVulnerability details

In the sections below, we provide details for each of the security 
vulnerabilities that apply to the 2017-07-01 patch level. Vulnerabilities are
grouped under the component that they affect. There is a description of the 
issue and a table with the CVE, associated references, type of vulnerability,
severity, and updated AOSP versions (where applicable). When available, we 
link the public change that addressed the issue to the bug ID, like the AOSP 
change list. When multiple changes relate to a single bug, additional 
references are linked to numbers following the bug ID.

Runtime

The most severe vulnerability in this section could enable a remote attacker 
using a specially crafted file to execute arbitrary code within the context of
an unprivileged process.

CVE References Type Severity Updated AOSP versions CVE-2017-3544 A-35784677 
RCE Moderate 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 Framework

The most severe vulnerability in this section could enable a local malicious 
application using a specially crafted file to execute arbitrary code within 
the context of an application that uses the library.

CVE References Type Severity Updated AOSP versions CVE-2017-0664 A-36491278 
EoP High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0665 A-36991414
EoP High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0666 
A-37285689 EoP High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 
CVE-2017-0667 A-37478824 EoP High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2
CVE-2017-0668 A-22011579 ID Moderate 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 
7.1.1, 7.1.2 CVE-2017-0669 A-34114752 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 
CVE-2017-0670 A-36104177 DoS High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2
Libraries

The most severe vulnerability in this section could enable a remote attacker 
using a specially crafted file to execute arbitrary code within the context of
an application that uses the library.

CVE References Type Severity Updated AOSP versions CVE-2017-0671 A-34514762 
RCE High 4.4.4 CVE-2016-2109 A-35443725 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 
6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0672 A-34778578 DoS High 7.0, 7.1.1, 7.1.2 
Media framework

The most severe vulnerability in this section could enable a remote attacker 
using a specially crafted file to execute arbitrary code within the context of
a privileged process.

CVE References Type Severity Updated AOSP versions CVE-2017-0540 A-33966031 
RCE Critical 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0673 
A-33974623 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0674 A-34231163
RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0675 A-34779227 RCE 
Critical 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0676 A-34896431 RCE Critical 5.0.2,
5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0677 A-36035074 RCE Critical 
6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0678 A-36576151 RCE Critical 7.0, 
7.1.1, 7.1.2 CVE-2017-0679 A-36996978 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 
7.1.2 CVE-2017-0680 A-37008096 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 
CVE-2017-0681 A-37208566 RCE Critical 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 
7.1.1, 7.1.2 CVE-2017-0682 A-36588422 RCE High 7.0, 7.1.1, 7.1.2 CVE-2017-0683
A-36591008 RCE High 7.0, 7.1.1, 7.1.2 CVE-2017-0684 A-35421151 EoP High 6.0, 
6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0685 A-34203195 DoS High 6.0, 6.0.1, 7.0, 
7.1.1, 7.1.2 CVE-2017-0686 A-34231231 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 
CVE-2017-0688 A-35584425 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0689
A-36215950 DoS High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0690
A-36592202 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 
CVE-2017-0691 A-36724453 DoS High 7.0, 7.1.1, 7.1.2 CVE-2017-0692 A-36725407 
DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0693 
A-36993291 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0694 A-37093318 DoS
High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0695 
A-37094889 DoS High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0696
A-37207120 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0697 A-37239013 DoS
High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0698 
A-35467458 ID Moderate 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0699 A-36490809
ID Moderate 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 System UI

The most severe vulnerability in this section could enable a remote attacker 
using a specially crafted file to execute arbitrary code within the context of
a privileged process.

CVE References Type Severity Updated AOSP versions CVE-2017-0700 A-35639138 
RCE High 7.1.1, 7.1.2 CVE-2017-0701 A-36385715 RCE High 7.1.1, 7.1.2 
CVE-2017-0702 A-36621442 RCE High 7.1.1, 7.1.2 CVE-2017-0703 A-33123882 EoP 
High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0704 
A-33059280 EoP Moderate 7.1.1, 7.1.2 2017-07-05 security patch 
levelVulnerability details

In the sections below, we provide details for each of the security 
vulnerabilities that apply to the 2017-07-05 patch level. Vulnerabilities are
grouped under the component that they affect and include details such as the 
CVE, associated references, type of vulnerability, severity, component (where
applicable), and updated AOSP versions (where applicable). When available, we
link the public change that addressed the issue to the bug ID, like the AOSP 
change list. When multiple changes relate to a single bug, additional 
references are linked to numbers following the bug ID.

Broadcom components

The most severe vulnerability in this section could enable a proximate 
attacker to execute arbitrary code within the context of the kernel.

CVE References Type Severity Component CVE-2017-9417 A-38041027* B-RB#123023 
RCE Critical Wi-Fi driver CVE-2017-0705 A-34973477* B-RB#119898 EoP Moderate 
Wi-Fi driver CVE-2017-0706 A-35195787* B-RB#120532 EoP Moderate Wi-Fi driver 
HTC components

The most severe vulnerability in this section could enable a local malicious 
application to execute arbitrary code within the context of a privileged 
process.

CVE References Type Severity Component CVE-2017-0707 A-36088467* EoP Moderate
LED driver CVE-2017-0708 A-35384879* ID Moderate Sound driver CVE-2017-0709 
A-35468048* ID Low Sensor hub driver Kernel components

The most severe vulnerability in this section could enable a local malicious 
application to execute arbitrary code within the context of a privileged 
process.

CVE References Type Severity Component CVE-2017-6074 A-35784697 Upstream 
kernel EoP High Networking subsystem CVE-2017-5970 A-35805460 Upstream kernel
DoS High Networking subsystem CVE-2015-5707 A-35841297 Upstream kernel [2] EoP
Moderate SCSI driver CVE-2017-0710 A-34951864* EoP Moderate TCB CVE-2017-7308
A-36725304 Upstream kernel [2] [3] EoP Moderate Networking driver 
CVE-2014-9731 A-35841292 Upstream kernel ID Moderate File system MediaTek 
components

The most severe vulnerability in this section could enable a local malicious 
application to execute arbitrary code within the context of a privileged 
process.

CVE References Type Severity Component CVE-2017-0711 A-36099953* 
M-ALPS03206781 EoP High Networking driver NVIDIA components

The most severe vulnerability in this section could enable a local malicious 
application to execute arbitrary code within the context of a privileged 
process.

CVE References Type Severity Component CVE-2017-0340 A-33968204* 
N-CVE-2017-0340 EoP High Libnvparser CVE-2017-0326 A-33718700* N-CVE-2017-0326
ID Moderate Video driver Qualcomm components

The most severe vulnerability in this section could enable a local malicious 
application to execute arbitrary code within the context of the kernel.

CVE References Type Severity Component CVE-2017-8255 A-36251983 QC-CR#985205 
EoP High Bootloader CVE-2016-10389 A-34500449 QC-CR#1009145 EoP High 
Bootloader CVE-2017-8253 A-35400552 QC-CR#1086764 EoP High Camera driver 
CVE-2017-8262 A-32938443 QC-CR#2029113 EoP High GPU driver CVE-2017-8263 
A-34126808* QC-CR#1107034 EoP High Anonymous shared memory subsystem 
CVE-2017-8267 A-34173755* QC-CR#2001129 EoP High Anonymous shared memory 
subsystem CVE-2017-8273 A-35400056 QC-CR#1094372 [2] EoP High Bootloader 
CVE-2016-5863 A-36251182 QC-CR#1102936 EoP Moderate USB HID driver 
CVE-2017-8243 A-34112490* QC-CR#2001803 EoP Moderate SoC driver CVE-2017-8246
A-37275839 QC-CR#2008031 EoP Moderate Sound driver CVE-2017-8256 A-37286701 
QC-CR#1104565 EoP Moderate Wi-Fi driver CVE-2017-8257 A-37282763 QC-CR#2003129
EoP Moderate Video driver CVE-2017-8259 A-34359487 QC-CR#2009016 EoP Moderate
SoC driver CVE-2017-8260 A-34624155 QC-CR#2008469 EoP Moderate Camera driver 
CVE-2017-8261 A-35139833* QC-CR#2013631 EoP Moderate Camera driver 
CVE-2017-8264 A-33299365* QC-CR#1107702 EoP Moderate Camera driver 
CVE-2017-8265 A-32341313 QC-CR#1109755 EoP Moderate Video driver CVE-2017-8266
A-33863407 QC-CR#1110924 EoP Moderate Video driver CVE-2017-8268 A-34620535* 
QC-CR#2002207 EoP Moderate Camera driver CVE-2017-8270 A-35468665* 
QC-CR#2021363 EoP Moderate Wi-Fi driver CVE-2017-8271 A-35950388* 
QC-CR#2028681 EoP Moderate Video driver CVE-2017-8272 A-35950805* 
QC-CR#2028702 EoP Moderate Video driver CVE-2017-8254 A-36252027 QC-CR#832914
ID Moderate Sound driver CVE-2017-8258 A-37279737 QC-CR#2005647 ID Moderate 
Camera driver CVE-2017-8269 A-33967002* QC-CR#2013145 ID Moderate IPA Driver 
Qualcomm closed-source components

These vulnerabilities affect Qualcomm components and are described in further
detail in Qualcomm AMSS security bulletins in 2014-2016. They are included in
this Android security bulletin in order to associate their fixes with an 
Android security patch level. Fixes for these vulnerabilities are available 
directly from Qualcomm.

CVE References Type Severity Component CVE-2014-9411 A-37473054* QC-CR#532956
N/A High Secure systems group CVE-2014-9968 A-37304413* QC-CR#642084 N/A High
Modem CVE-2014-9973 A-37470982* QC-CR#646919 N/A High Secure systems group 
CVE-2014-9974 A-37471979* QC-CR#654072 N/A High Secure systems group 
CVE-2014-9975 A-37471230* QC-CR#700125 N/A High Secure systems group 
CVE-2014-9977 A-37471087* QC-CR#703002 N/A High Secure systems group 
CVE-2014-9978 A-37468982* QC-CR#709939 N/A High Secure systems group 
CVE-2014-9979 A-37471088* QC-CR#717304 N/A High Secure systems group 
CVE-2014-9980 A-37471029* QC-CR#709766 N/A High Secure systems group 
CVE-2015-0575 A-37296999* QC-CR#715815 N/A High Modem CVE-2015-8592 
A-37470090* QC-CR#775396 N/A High Core CVE-2015-8595 A-37472411* QC-CR#790151
N/A High Secure systems group CVE-2015-8596 A-37472806* QC-CR#802005 N/A High
Secure systems group CVE-2015-9034 A-37305706* QC-CR#614512 N/A High Modem 
CVE-2015-9035 A-37303626* QC-CR#750231 N/A High Modem CVE-2015-9036 
A-37303519* QC-CR#751831 N/A High Modem CVE-2015-9037 A-37304366* QC-CR#753315
N/A High Modem CVE-2015-9038 A-37303027* QC-CR#758328 N/A High Modem 
CVE-2015-9039 A-37302628* QC-CR#760282 N/A High Modem CVE-2015-9040 
A-37303625* QC-CR#761216 N/A High Modem CVE-2015-9041 A-37303518* QC-CR#762126
N/A High Modem CVE-2015-9042 A-37301248* QC-CR#762214 N/A High Modem 
CVE-2015-9043 A-37305954* QC-CR#762954 N/A High Modem CVE-2015-9044 
A-37303520* QC-CR#764858 N/A High Modem CVE-2015-9045 A-37302136* QC-CR#766189
N/A High Modem CVE-2015-9046 A-37301486* QC-CR#767335 N/A High Modem 
CVE-2015-9047 A-37304367* QC-CR#779285 N/A High Modem CVE-2015-9048 
A-37305707* QC-CR#795960 N/A High Modem CVE-2015-9049 A-37301488* 
QC-CR#421589, QC-CR#817165 N/A High Modem CVE-2015-9050 A-37302137* 
QC-CR#830102 N/A High Modem CVE-2015-9051 A-37300737* QC-CR#837317 N/A High 
Modem CVE-2015-9052 A-37304217* QC-CR#840483 N/A High Modem CVE-2015-9053 
A-37301249* QC-CR#843808 N/A High Modem CVE-2015-9054 A-37303177* QC-CR#856077
N/A High Modem CVE-2015-9055 A-37472412* QC-CR#806464 N/A High Core 
CVE-2015-9060 A-37472807* QC-CR#817343 N/A High Secure systems group 
CVE-2015-9061 A-37470436* QC-CR#824195 N/A High Secure systems group 
CVE-2015-9062 A-37472808* QC-CR#802039 N/A High Secure systems group 
CVE-2015-9067 A-37474000* QC-CR#848926 N/A High Secure systems group 
CVE-2015-9068 A-37470144* QC-CR#851114 N/A High Secure systems group 
CVE-2015-9069 A-37470777* QC-CR#854496 N/A High Secure systems group 
CVE-2015-9070 A-37474001* QC-CR#877102 N/A High Secure systems group 
CVE-2015-9071 A-37471819* QC-CR#877276 N/A High Secure systems group 
CVE-2015-9072 A-37474002* QC-CR#877361 N/A High Secure systems group 
CVE-2015-9073 A-37473407* QC-CR#878073 N/A High Secure systems group 
CVE-2016-10343 A-32580186* QC-CR#972213 N/A High Modem CVE-2016-10344 
A-32583954* QC-CR#1022360 N/A High Modem CVE-2016-10346 A-37473408* 
QC-CR#896584 N/A High Core CVE-2016-10347 A-37471089* QC-CR#899671 N/A High 
Core CVE-2016-10382 A-28823584* QC-CR#944014 N/A High Secure systems group 
CVE-2016-10383 A-28822389* QC-CR#960624 N/A High Secure systems group 
CVE-2016-10388 A-32580294* QC-CR#992749 N/A High Secure systems group 
CVE-2016-10391 A-32583804* QC-CR#970283 N/A High WConnect CVE-2016-5871 
A-37473055* QC-CR#883013 N/A High Secure systems group CVE-2016-5872 
A-37472809* QC-CR#886220 N/A High Secure systems group Google device updates

This table contains the security patch level in the latest over-the-air update
(OTA) and firmware images for Google devices. The Google device firmware 
images are available on the Google Developer site.

Google device Security patch level Pixel / Pixel XL July 05, 2017 Nexus 5X 
July 05, 2017 Nexus 6 July 05, 2017 Nexus 6P July 05, 2017 Nexus 9 July 05, 
2017 Nexus Player July 05, 2017 Pixel C July 05, 2017 Acknowledgements

We would like to thank these researchers for their contributions:

CVEs Researchers CVE-2017-0711 Chengming Yang, Baozeng Ding, and Yang Song of
Alibaba Mobile Security Group CVE-2017-0706 Daxing Guo (@freener0) of Xuanwu 
Lab, Tencent CVE-2017-8260 Derrek (@derrekr6) and Scott Bauer CVE-2017-8265 Di
Shen (@returnsme) of KeenLab (@keen_lab), Tencent CVE-2017-0703 Dzmitry 
Lukyanenka CVE-2017-0692, CVE-2017-0694 Elphet and Gong Guang of Alpha

, Qihoo 360 Technology Co. Ltd. CVE-2017-8266, CVE-2017-8243, CVE-2017-8270 
Gengjia Chen (@chengjia4574) and pjf of IceSword Lab, Qihoo 360 Technology Co.
Ltd. CVE-2017-0665, CVE-2017-0681 Hanxiang Wen, Mingjian Zhou 
(@Mingjian_Zhou), and Xuxian Jiang of C0RE

CVE-2017-8268, CVE-2017-8261 Jianqiang Zhao (@jianqiangzhao) and pjf of 
IceSword Lab, Qihoo 360 CVE-2017-0698 Joey Brand of Census Consulting Inc. 
CVE-2017-0666, CVE-2017-0684 Mingjian Zhou (@Mingjian_Zhou), Chi Zhang, and 
Xuxian Jiang of C0RE

CVE-2017-0697, CVE-2017-0670 Niky1235 (@jiych_guru) CVE-2017-9417 Nitay 
Artenstein of Exodus Intelligence CVE-2017-0705, CVE-2017-8259 Scott Bauer 
CVE-2017-0667 Timothy Becker of CSS Inc. CVE-2017-0642, CVE-2017-0682, 
CVE-2017-0683, CVE-2017-0676, CVE-2017-0696,CVE-2017-0675, CVE-2017-0701, 
CVE-2017-0702, CVE-2017-0699 Vasily Vasiliev CVE-2017-0695, CVE-2017-0689, 
CVE-2017-0540, CVE-2017-0680, CVE-2017-0679, CVE-2017-0685, CVE-2017-0686, 
CVE-2017-0693,CVE-2017-0674, CVE-2017-0677 V.E.O (@VYSEa) of Mobile Threat 
Response

, Trend Micro CVE-2017-0708 Xiling Gong of Tencent Security Platform 
Department CVE-2017-0690 Yangkang (@dnpushme) and Liyadong of Qihoo 360 Qex

CVE-2017-8269, CVE-2017-8271, CVE-2017-8272, CVE-2017-8267 Yonggang Guo 
(@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-8264, 
CVE-2017-0326, CVE-2017-0709 Yuan-Tsung Lo (computernik@gmail.com) and Xuxian
Jiang of C0RE

CVE-2017-0704, CVE-2017-0669 Yuxiang Li (@Xbalien29) of Tencent Security 
Platform Department CVE-2017-0678 Zinuo Han of Chengdu Security Response 
Center, Qihoo 360 Technology Co. Ltd. CVE-2017-0691, CVE-2017-0700 Zinuo Han 
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. and Ao Wang
(@ArayzSegment) of Pangu

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWV2csIx+lLeg9Ub1AQhfZQ//R4MnLyxwLS8giOTzyYuCWioxMUPnYMIT
H6fBPkAtDepEgcRHbI+7GTTvaIdoTvNDH0Em1rUfCHcDfB96w3mnKzlawOmcfvy/
b4jiR+breVu6Jxbjq/2eW9RrMJIM38SyZ7BfzbqhDveWXb7Cpwml/vTtLMzKXaFi
XQC7/Ce8IWNdM0FUPfKTGx1cVE+wrUMi6UQH7Kqxt3wrnshrr+vondbvYnlr3BNZ
Iy+FpJ0UKttNxKXQrWA8AxDhO8lEjtSkS+f9e0SzJFnT+10HnfwlxW6etEa4Suwq
spe8+tdFidp2GJcL19hwrU8PVFyWVMMgKCaDXNdluy8HpMGic3cho827M0ADSNS6
vg8O19x6WEtL6BArmt34SxU+pMGwh4zbnObDDYwEcN0LIHUFGIdy+V0roBCnbU+w
Qrfx1aVbpDpMN7wgBjYoxw6V4Fi2Tdv24My4VzwYqoTopl5jNWm99OKWfWo4mqUu
2kk6FihjpZdHam7PPm/9Xtk3AbqeH96Wcw1cj2hP9qgN03LtqGA3XfuRNhDjYKKv
3SD5/e1ON9VF4NqEdKWkTfn8Q5UDQ4PrOSjnhTsXjRO4CeGe0UDhSxs+nJlLr2ij
mfju6eGjW53ApGSlNHjO+rzsc5j4VHGph6lUqEszGHLeY6PPvLhwbu/oJ6azougA
/ahxZA3AKbk=
=agte
-----END PGP SIGNATURE-----

« Back to bulletins