Google has released the June 2018 Android Security Bulletin. Partners have had access to the warnings in this month’s bulletin for at least a month.
The June bulletin has two security patch levels to provide Android partners with the flexibility to more quickly fix a subset of vulnerabilities that are similar across all Android devices.
2018-06-01: Partial security patch level string. This security patch level string indicates that all issues associated with 2018-06-01 (and all previous security patch level strings) are addressed. 2018-06-05: Complete security patch level string. This security patch level address all issues associated with the 2018-06-05 security patch level and all previous patch levels.The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.
Alongside the bulletin, Google have released a security update to Google devices through an over-the-air (OTA) update. The Google device firmware images have also been released to the Google Developer site. Security patch levels of June 5, 2018 or later address all of these issues.
The tables below contains a list of security vulnerabilities, the Common Vulnerability and Exposures ID (CVE), the assessed severity, and whether or not Google devices are affected. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are disabled for development purposes or if successfully bypassed.
Android and Google Service Mitigations
This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.
Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. All users are encouraged to update to the latest version of Android where possible. The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play. 2018-06-01 security patch level—Vulnerability details FrameworkThe most severe vulnerability in this section could enable a local malicious application to bypass user interaction requirements in order to gain access to additional permissions.
CVE References Type Severity Updated AOSP versions CVE-2018-9338 A-71361168 EoP High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9339 A-71508348 EoP High 8.0, 8.1 CVE-2017-13227 A-69981710 ID High 8.0, 8.1 CVE-2018-9340 A-71360999 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 Media frameworkThe most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
CVE References Type Severity Updated AOSP versions CVE-2018-9341 A-74016277 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-5146 A-77284393 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2017-13230 A-65483665 RCE Critical 6.0 CVE-2018-9344 A-73172817 EoP High 8.1 CVE-2018-9345 A-77238250 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9346 A-77238762 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9347 A-68664359 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9348 A-68953854 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 SystemThe most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
CVE References Type Severity Updated AOSP versions CVE-2018-9355 A-74016921 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9356 A-74950468 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9357 A-74947856 EoP High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9358 A-73172115 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9359 A-74196706 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9360 A-74201143 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9361 A-74202041 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 CVE-2018-9362 A-72298611 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 2018-06-05 security patch level—Vulnerability details Kernel componentsThe most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of a privileged process.
CVE References Type Severity Component CVE-2018-9363 A-65853588 EoP High bluetooth CVE-2017-17806 A-71752561 Upstream kernel EoP High crypto CVE-2017-17807 A-71751178 Upstream kernel EoP High Keyring CVE-2017-17558 A-71751622 Upstream kernel EoP High USB LG componentsThe most severe vulnerability in this section could enable a local attacker to bypass user interaction requirements in order to gain access to additional permissions.
CVE References Type Severity Component CVE-2018-9364 A-69163111 EoP Critical Bootloader Media frameworkThe most severe vulnerability in this section could enable a local malicious application to bypass user interaction requirements in order to gain access to additional permissions.
CVE References Type Severity Updated AOSP versions CVE-2018-9409 A-63144992 QC-CR#2114346 EoP High 8.1 MediaTek componentsThe most severe vulnerability in this section could enable a remote attacker to execute arbitrary code within the context of the TCB.
CVE References Type Severity Component CVE-2018-9373 A-71867247 M-ALPS03740330 EoP Critical Mediatek WLAN TDLS CVE-2018-9366 A-72314499 M-ALPS03762526 EoP High IMSA CVE-2018-9367 A-72314219 M-ALPS03762692 EoP High Cameratool CCAP CVE-2018-9368 A-70727446 M-ALPS03730693 EoP High mtksocaudio CVE-2018-9369 A-70514573 M-ALPS03666161 EoP High bootloader CVE-2018-9370 A-70515281 M-ALPS03693488 EoP High bootloader CVE-2018-9371 A-70515752 M-ALPS03683903 EoP High Bootloader CVE-2018-9372 A-70730215 M-ALPS03676237 EoP High bootloader NVIDIA componentsThe most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of a privileged process.
CVE References Type Severity Component CVE-2017-6290 A-69559414 N-200373895 EoP High TLK TrustZone CVE-2017-6294 A-69316825 N-200369095 EoP High NVIDIA Tegra X1 TZ CVE-2017-6292 A-69480285 N-200373888 EoP High TLZ TrustZone Qualcomm componentsThe most severe vulnerability in this section could enable a local attacker to bypass user interaction requirements in order to gain access to additional permissions.
CVE References Type Severity Component CVE-2017-18158 A-68992400 QC-CR#2104056 EoP Critical Bootloader CVE-2018-3569 A-74237215 QC-CR#2161920 EoP Critical WLAN Host CVE-2017-18155 A-66734153 QC-CR#1050893 RCE Critical Hardware codec CVE-2018-5854 A-71800779 QC-CR#2183877 EoP Critical Bootloader CVE-2017-13077 A-63165064 EoP High WLAN CVE-2018-5896 A-70399602 QC-CR#2163793 ID High Diag driver CVE-2018-5829 A-74237546 QC-CR#2151241 ID High WLAN CVE-2017-18159 A-68992405 QC-CR#2105697 EoP High Bootloader CVE-2017-18158 A-67782849 QC-CR#2104056 EoP High Bootloader CVE-2018-5835 A-74237148 QC-CR#2153553 EoP High WLAN Host CVE-2018-5834 A-74237804 QC-CR#2153326 EoP High WLAN CVE-2018-5831 A-74237606 QC-CR#2161310 EoP High GPU driver CVE-2018-5830 A-74237532 QC-CR#2157917 EoP High WLAN Host Qualcomm closed-source componentsThese vulnerabilities affect Qualcomm components and are described in further detail in the appropriate Qualcomm AMSS security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.
CVE References Type Severity Component CVE-2017-18157 A-73539080 N/A High Closed-source component CVE-2017-18156 A-73539065 N/A High Closed-source component CVE-2018-5892 A-72951191 N/A High Closed-source component CVE-2018-5891 A-72950815 N/A High Closed-source component CVE-2018-5885 A-72950554 N/A High Closed-source component CVE-2018-5894 A-74236854 N/A High Closed-source component CVE-2018-5884 A-74235510 N/A High Closed-source component
Full details of the June 2018 Android Security Bulletin are available here.
