SMR-FEB-2016
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process.
This SMR package includes patches from Google and Samsung.
Google patches include all patches up to Android Security Bulletin – February 2016 package.
The Bulletin (February 2016) has 10, which also contain the following 10 CVE items:
CVE-2016-0803(C), CVE-2016-0804(C), CVE-2016-0807(C), CVE-2016-0808(H), CVE-2016-0809(H), CVE-2016-0810(H), CVE-2016-0811(H), CVE-2016-0812(M), CVE-2016-0813(M), CVE-2015-6614(M).
* Severity : (C)-Critical, (H)-High, (M)-Moderate, (L)-Low
※ Please see Android Security Bulletin for detailed information on Google patches.
Along with Google patches, Samsung Mobile provides 7 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices¹.
Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.
SVE-2016-5036: SecNetfilter Security Patch
Severity: Medium
Affected versions: All devices using SecNetfilter driver on KK(4.4) or L(5.0/5.1)
Reported on: October 20, 2015
Disclosure status: This issue is publicly known.
A vulnerability dereferencing Null-pointer during parsing the URL can make a memory corruption and be abused by attackers.
The supplied patch removes the ‘SecNetfilter’ driver.
SVE-2016-5134: TvoutService_C service DoS
Severity: Low
Affected versions: KK(4.4), L(5.0/5.1), M(6.0)
Reported on: October 30, 2015
Disclosure status: This issue is publicly known.
A vulnerability without appropriate exception handling allows attackers to make a system crash easily through such as a DoS attack.
The supplied patch prevents unexpected crashes by confirming the validation of variables.
SVE-2016-5326: Buffer overflow vulnerability in Qualcomm WLAN Driver
Severity: Critical
Affected versions: J(4.2) and above with Qualcomm Wi-Fi chipset
Reported on: December 15, 2015
Disclosure status: This issue is publicly known.
A vulnerability not confirming boundary condition before memory copy can make buffer overflow by an unexpected data size.
The supplied patch prevents buffer overflow by confirming the sizes of source and destination.
¹ Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.
Acknowledgements
We truely appreciate the following researchers for helping Samsung to improve the security of our products.
- Roberto Paleari and Aristide: SVE-2016-5036
- Vinc3nt4H of Alibaba Mobile Security Team : SVE-2015-5134
