Dirty Cow may sound like someone's favorite insult, but it is actually the latest Android vulnerability that Google has addressed in its accompanying security update. This particular fix arrives together with fixes for 49 flaws, 11 of which are rated critical.
The security bulletin, released on December 5, contains details of security flaws that endanger Android devices. In addition to the bulletin, Google has also released a security update through an “over-the-air” (OTA) update.
The Google device firmware images have also been released to the Google Developer site. Security patch levels of December 05, 2016 or later address all of these issues.
More about the December Security Bulletin for Android
Google says that the most severe of the issues are critical flaws in device-specific code that could lead to arbitrary code execution in the kernel. This could cause a local permanent device compromise, which may require reflashing the OS to fix the device.
Dirty Cow a.k.a. CVE-2016-5195
This particular flaw has been present in the kernel, as well as in Linux distributions, for almost ten years. It allows attackers to obtain root privileges through a race condition bug and then gain write access to read-only memory. The vulnerability was patched in both the kernel and Linux in October. However, Android devices had to wait for a fix, and unfortunately there are exploit kits taking advantage of the issue in the wild.
Besides Dirty Cow, another root privilege flaw was addressed – CVE-2016-4794.
Other privilege escalation flaws were also found and fixed in the kernel and the kernel’s ION driver, together with the HTC sound codec driver and MediaTek driver. Other components were also affected by privilege escalation issues: the kernel security and kernel performance subsystems, MediaTek I2C driver, Synaptics touchscreen driver and Broadcom Wi-Fi driver.
A denial-of-service flaw was also addressed in the Android GPS system, as well as several information disclosure flaws in kernel components.
Qualcomm Component Bugs Also Fixed
More specifically, a privilege escalation bug and information leaks were addressed in the December bulletin. A Telephony denial of service (TDos) vulnerability and a remote execution flaw were also handled in the Android Framesequence library.
Google has thanked multiple researchers from different companies such as Alibaba Mobile Security Group, Qihoo 360, Tencent, Baidu X-Lab and TrendMicro. Apparently, no tech giant could survive on its own in the jungle of exploits.
For full technical disclosure of all the flaws addressed in the bulletin, go to Android’s page.