| <html devsite> |
| <head> |
| <title>Android Security Bulletin—March 2018</title> |
| <meta name="project_path" value="/_project.yaml" /> |
| <meta name="book_path" value="/_book.yaml" /> |
| </head> |
| <body> |
| <!-- |
| Copyright 2018 The Android Open Source Project |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| //www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <p><em>Published March 5, 2018 | Updated March 7, 2018</em></p> |
| |
| <p> |
| The Android Security Bulletin contains details of security vulnerabilities |
| affecting Android devices. Security patch levels of 2018-03-05 or later address |
| all of these issues. To learn how to check a device's security patch level, see |
| <a href="https://support.google.com/pixelphone/answer/4457705">Check and update |
| your Android version</a>. |
| </p> |
| <p> |
| Android partners are notified of all issues at least a month before publication. |
| Source code patches for these issues have been released to the Android Open |
| Source Project (AOSP) repository and linked from this bulletin. This bulletin |
| also includes links to patches outside of AOSP. |
| </p> |
| <p> |
| The most severe of these issues is a critical security vulnerability in Media |
| framework that could enable a remote attacker using a specially crafted file to |
| execute arbitrary code within the context of a privileged process. The |
| <a href="/security/overview/updates-resources.html#severity">severity |
| assessment</a> is based on the effect that exploiting the vulnerability would |
| possibly have on an affected device, assuming the platform and service |
| mitigations are turned off for development purposes or if successfully bypassed. |
| </p> |
| <p> |
| We have had no reports of active customer exploitation or abuse of these newly |
| reported issues. Refer to the |
| <a href="#mitigations">Android and Google Play Protect mitigations</a> |
| section for details on the |
| <a href="/security/enhancements/index.html">Android security platform protections</a> |
| and Google Play Protect, which improve the security of the Android platform. |
| </p> |
| <p class="note"> |
| <strong>Note:</strong> Information on the latest over-the-air update (OTA) and |
| firmware images for Google devices is available in the |
| <a href="/security/bulletin/pixel/2018-03-01.html">March 2018 |
| Pixel / Nexus Security Bulletin</a>. |
| </p> |
| |
| <h2 id="mitigations">Android and Google service mitigations</h2> |
| <p> |
| This is a summary of the mitigations provided by the |
| <a href="/security/enhancements/index.html">Android security platform</a> |
| and service protections such as |
| <a href="https://www.android.com/play-protect">Google Play Protect</a>. |
| These capabilities reduce the likelihood that security vulnerabilities |
| could be successfully exploited on Android. |
| </p> |
| <ul> |
| <li>Exploitation for many issues on Android is made more difficult by |
| enhancements in newer versions of the Android platform. We encourage all users |
| to update to the latest version of Android where possible.</li> |
| <li>The Android security team actively monitors for abuse through |
| <a href="https://www.android.com/play-protect">Google Play Protect</a> |
| and warns users about |
| <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially |
| Harmful Applications</a>. Google Play Protect is enabled by default on devices |
| with <a href="http://www.android.com/gms">Google Mobile Services</a>, and is |
| especially important for users who install apps from outside of Google |
| Play.</li> |
| </ul> |
| <h2 id="2018-03-01-details">2018-03-01 security patch level vulnerability details</h2> |
| <p> |
| In the sections below, we provide details for each of the security |
| vulnerabilities that apply to the 2018-03-01 patch level. Vulnerabilities are |
| grouped under the component that they affect. There is a description of the |
| issue and a table with the CVE, associated references, |
| <a href="#type">type of vulnerability</a>, |
| <a href="/security/overview/updates-resources.html#severity">severity</a>, |
| and updated AOSP versions (where applicable). When available, we link the public |
| change that addressed the issue to the bug ID, like the AOSP change list. When |
| multiple changes relate to a single bug, additional references are linked to |
| numbers following the bug ID. |
| </p> |
| |
| <h3 id="media-framework">Media framework</h3> |
| <p>The most severe vulnerability in this section could enable a remote attacker |
| using a specially crafted file to execute arbitrary code within the context of |
| a privileged process.</p> |
| |
| <table> |
| <col width="17%"> |
| <col width="19%"> |
| <col width="9%"> |
| <col width="14%"> |
| <col width="39%"> |
| <tr> |
| <th>CVE</th> |
| <th>References</th> |
| <th>Type</th> |
| <th>Severity</th> |
| <th>Updated AOSP versions</th> |
| </tr> |
| <tr> |
| <td>CVE-2017-13248</td> |
| <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/0ad7e37ac954dc3ae8b739439a8d9cf645a46a10"> |
| A-70349612</a></td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13249</td> |
| <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/9449ef411f32e2948190f9451726eb558996e8d3"> |
| A-70399408</a></td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13250</td> |
| <td><a href="https://android.googlesource.com/platform/external/libavc/+/a7f41c5d3425dbd89da38a4aa8398cf7351406e8"> |
| A-71375536</a> |
| </td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13251</td> |
| <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/5687dbe62b2785d1b037336eb07e96ab81bddaea"> |
| A-69269702</a> |
| </td> |
| <td>EoP</td> |
| <td>Critical</td> |
| <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13252</td> |
| <td><a href="https://android.googlesource.com/platform/frameworks/av/+/86141f9df21cb8ac91f9cc9804f5b75d26d98996"> |
| A-70526702</a> |
| </td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13253</td> |
| <td><a href="https://android.googlesource.com/platform/frameworks/av/+/871412cfa05770cfd8be0a130b68386775445057"> |
| A-71389378</a> |
| </td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>8.0, 8.1</td> |
| </tr> |
| </table> |
| |
| |
| <h3 id="system">System</h3> |
| <p>The most severe vulnerability in this section could enable a proximate |
| attacker to execute arbitrary code within the context of a privileged |
| process.</p> |
| |
| <table> |
| <col width="17%"> |
| <col width="19%"> |
| <col width="9%"> |
| <col width="14%"> |
| <col width="39%"> |
| <tr> |
| <th>CVE</th> |
| <th>References</th> |
| <th>Type</th> |
| <th>Severity</th> |
| <th>Updated AOSP versions</th> |
| </tr> |
| <tr> |
| <td>CVE-2017-13255</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/f0edf6571d2d58e66ee0b100ebe49c585d31489f"> |
| A-68776054</a></td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13256</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/f0edf6571d2d58e66ee0b100ebe49c585d31489f"> |
| A-68817966</a> |
| </td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13272</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/935ee775421e0c8a14f26669d9ab99f110ceb7d5"> |
| A-67110137</a> |
| [<a href="https://android.googlesource.com/platform/system/bt/+/ec16f7d8c7e359a68ffe6b76e88add2210bf2cbd">2</a>]</td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13266</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/2f2043f18463a5c963c138d24346870b1066e7a6"> |
| A-69478941</a> |
| </td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13257</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/08e68337a9eb45818d5a770570c8b1d15a14d904"> |
| A-67110692</a> |
| </td> |
| <td>ID</td> |
| <td>High</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13258</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/a50e70468c0a8d207e416e273d05a08635bdd45f"> |
| A-67863755</a> |
| </td> |
| <td>ID</td> |
| <td>High</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13259</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/0627e76edefd948dc3efe11564d7e53d56aac80c"> |
| A-68161546</a> |
| [<a href="https://android.googlesource.com/platform/system/bt/+/1313abd1761c39e8619a77964f8c42e3e72b5fee">2</a>] |
| </td> |
| <td>ID</td> |
| <td>High</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13260</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/a50e70468c0a8d207e416e273d05a08635bdd45f"> |
| A-69177251</a> |
| </td> |
| <td>ID</td> |
| <td>High</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13261</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/a50e70468c0a8d207e416e273d05a08635bdd45f"> |
| A-69177292</a> |
| </td> |
| <td>ID</td> |
| <td>High</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-13262</td> |
| <td><a href="https://android.googlesource.com/platform/system/bt/+/a50e70468c0a8d207e416e273d05a08635bdd45f"> |
| A-69271284</a> |
| </td> |
| <td>ID</td> |
| <td>High</td> |
| <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> |
| </tr> |
| </table> |
| |
| <h2 id="2018-03-05-details">2018-03-05 security patch level vulnerability details</h2> |
| <p> |
| In the sections below, we provide details for each of the security |
| vulnerabilities that apply to the 2018-03-05 patch level. Vulnerabilities are |
| grouped under the component that they affect and include details such as the |
| CVE, associated references, <a href="#type">type of vulnerability</a>, |
| <a href="/security/overview/updates-resources.html#severity">severity</a>, |
| component (where applicable), and updated AOSP versions (where applicable). When |
| available, we link the public change that addressed the issue to the bug ID, |
| like the AOSP change list. When multiple changes relate to a single bug, |
| additional references are linked to numbers following the bug ID. |
| </p> |
| |
| <h3 id="kernel-components">Kernel components</h3> |
| <p>The most severe vulnerability in this section could enable a local malicious |
| application to execute arbitrary code within the context of a privileged |
| process.</p> |
| |
| <table> |
| <col width="17%"> |
| <col width="19%"> |
| <col width="9%"> |
| <col width="14%"> |
| <col width="39%"> |
| <tr> |
| <th>CVE</th> |
| <th>References</th> |
| <th>Type</th> |
| <th>Severity</th> |
| <th>Component</th> |
| </tr> |
| <tr> |
| <td>CVE-2017-16530</td> |
| <td>A-69051940<br /> |
| <a href="https://github.com/torvalds/linux/commit/786de92b3cb26012d3d0f00ee37adf14527f35c4"> |
| Upstream kernel</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>UAS driver</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-16525</td> |
| <td>A-69050921<br /> |
| <a href="https://github.com/torvalds/linux/commit/299d7572e46f98534033a9e65973f13ad1ce9047"> |
| Upstream kernel</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>USB driver</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-16535</td> |
| <td>A-69052675<br /> |
| <a href="https://github.com/torvalds/linux/commit/1c0edc3633b56000e18d82fc241e3995ca18a69e"> |
| Upstream kernel</a></td> |
| <td>ID</td> |
| <td>High</td> |
| <td>USB driver</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-16533</td> |
| <td>A-69052348<br /> |
| <a href="https://github.com/torvalds/linux/commit/f043bfc98c193c284e2cd768fefabe18ac2fed9b"> |
| Upstream kernel</a></td> |
| <td>ID</td> |
| <td>High</td> |
| <td>USB driver</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-16531</td> |
| <td>A-69052055<br /> |
| <a href="https://github.com/torvalds/linux/commit/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb"> |
| Upstream kernel</a></td> |
| <td>ID</td> |
| <td>High</td> |
| <td>USB driver</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-16529</td> |
| <td>A-69051731<br /> |
| <a href="https://github.com/torvalds/linux/commit/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991"> |
| Upstream kernel</a></td> |
| <td>ID</td> |
| <td>High</td> |
| <td>USB sound driver</td> |
| </tr> |
| </table> |
| |
| |
| <h3 id="nvidia-components">NVIDIA components</h3> |
| <p>The most severe vulnerability in this section could enable a local malicious |
| application to execute arbitrary code within the context of a privileged |
| process.</p> |
| |
| <table> |
| <col width="17%"> |
| <col width="19%"> |
| <col width="9%"> |
| <col width="14%"> |
| <col width="39%"> |
| <tr> |
| <th>CVE</th> |
| <th>References</th> |
| <th>Type</th> |
| <th>Severity</th> |
| <th>Component</th> |
| </tr> |
| <tr> |
| <td>CVE-2017-6281</td> |
| <td>A-66969318<a href="#asterisk">*</a><br /> |
| N-CVE-2017-6281</td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>Libnvomx</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-6286</td> |
| <td>A-64893247<a href="#asterisk">*</a><br /> |
| N-CVE-2017-6286</td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>Libnvomx</td> |
| </tr> |
| </table> |
| |
| |
| <h3 id="qualcomm-components">Qualcomm components</h3> |
| <p>The most severe vulnerability in this section could enable a remote attacker |
| using a specially crafted file to execute arbitrary code within the context of |
| a privileged process.</p> |
| |
| <table> |
| <col width="17%"> |
| <col width="19%"> |
| <col width="9%"> |
| <col width="14%"> |
| <col width="39%"> |
| <tr> |
| <th>CVE</th> |
| <th>References</th> |
| <th>Type</th> |
| <th>Severity</th> |
| <th>Component</th> |
| </tr> |
| <tr> |
| <td>CVE-2017-18067</td> |
| <td>A-68992411<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e1e9d0cb8a0bc33965d112725e205a78aab82986"> |
| QC-CR#2081734</a> |
| [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=4201fc6c8c7eb7dddcfb7f06b5f1012d7c5cf451">2</a>]</td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>Wireless network driver</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-15815</td> |
| <td>A-68992395<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a5096157fd80350a0e0409e7ad96265ae60861f6"> |
| QC-CR#2093392</a></td> |
| <td>RCE</td> |
| <td>Critical</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-18068</td> |
| <td>A-70799990<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b91ad6cf984a48ad52fe5af13cb3e0ac4bf012ed"> |
| QC-CR#2072064</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-18056</td> |
| <td>A-70237692<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=67cfe475cb8ea3dfa86c68fca536b4ddb5168e9d"> |
| QC-CR#2119404</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-18063</td> |
| <td>A-68992442<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b9c0beac8f021f774f39df54e1f96fd87c2660f0"> |
| QC-CR#2114776</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-18064</td> |
| <td>A-68992438<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=84f144bedd81ad154a26c76fb322903c25374d20"> |
| QC-CR#2114323</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-15821</td> |
| <td>A-68992432<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=44cd589c8a0f5a245e0003a7d0c4be1b5f3ba890"> |
| QC-CR#2113072</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-14885</td> |
| <td>A-70237686<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=44e992e169dbd601f95e845961cb2181b167a553"> |
| QC-CR#2113758</a></td> |
| <td>EoP</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-18069</td> |
| <td>A-67582682<a href="#asterisk">*</a><br /> |
| QC-CR#2054772 QC-CR#2058471</td> |
| <td>ID</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-14882</td> |
| <td>A-68992424<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=cd10091f03f6255a47d7146eea5738f1f4ceea35"> |
| QC-CR#2101439</a></td> |
| <td>ID</td> |
| <td>High</td> |
| <td>WLAN</td> |
| </tr> |
| <tr> |
| <td>CVE-2017-14878</td> |
| <td>A-70237706<br /> |
| <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27f1c544d6737bcb3dc4bb114badcd47ce946a8b"> |
| QC-CR#2064580</a> |
| [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=2167cc91261a50bf145467f4d03c8730a0d23709">2</a>] |
| [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8952decf05939fad1cba625290ee7ae2ed528e12">3</a>]</td> |
| <td>DoS</td> |
| <td>High</td> |
| <td>Wireless network driver</td> |
| </tr> |
| </table> |
| |
| |
| <h3 id="qualcomm-closed-source-components">Qualcomm closed-source |
| components</h3> |
| <p>These vulnerabilities affect Qualcomm components and are described in |
| further detail in the appropriate Qualcomm AMSS security bulletin or security |
| alert. The severity assessment of these issues is provided directly by |
| Qualcomm.</p> |
| |
| <table> |
| <col width="17%"> |
| <col width="19%"> |
| <col width="9%"> |
| <col width="14%"> |
| <col width="39%"> |
| <tr> |
| <th>CVE</th> |
| <th>References</th> |
| <th>Type</th> |
| <th>Severity</th> |
| <th>Component</th> |
| </tr> |
| <tr> |
| <td>CVE-2017-17773</td> |
| <td>A-70221445 |
| QC-CR#2125554<a href="#asterisk">*</a></td> |
| <td>N/A</td> |
| <td>Critical</td> |
| <td>Closed-source component</td> |
| </tr> |
| <tr> |
| <td>CVE-2016-10393</td> |
| <td>A-68326806 |
| QC-CR#1055934<a href="#asterisk">*</a></td> |
| <td>N/A</td> |
| <td>High</td> |
| <td>Closed-source component</td> |
| </tr> |
| </table> |
| |
| <h2 id="common-questions-and-answers">Common questions and answers</h2> |
| <p> |
| This section answers common questions that may occur after reading this |
| bulletin.</p> |
| <p><strong>1. How do I determine if my device is updated to address these issues? |
| </strong></p> |
| <p>To learn how to check a device's security patch level, see |
| <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Check |
| and update your Android version</a>.</p> |
| <ul> |
| <li>Security patch levels of 2018-03-01 or later address all issues associated |
| with the 2018-03-01 security patch level.</li> |
| <li>Security patch levels of 2018-03-05 or later address all issues associated |
| with the 2018-03-05 security patch level and all previous patch levels.</li> |
| </ul> |
| <p> |
| Device manufacturers that include these updates should set the patch string |
| level to: |
| </p> |
| <ul> |
| <li>[ro.build.version.security_patch]:[2018-03-01]</li> |
| <li>[ro.build.version.security_patch]:[2018-03-05]</li> |
| </ul> |
| <p> |
| <strong>2. Why does this bulletin have two security patch levels?</strong> |
| </p> |
| <p> |
| This bulletin has two security patch levels so that Android partners have the |
| flexibility to fix a subset of vulnerabilities that are similar across all |
| Android devices more quickly. Android partners are encouraged to fix all issues |
| in this bulletin and use the latest security patch level. |
| </p> |
| <ul> |
| <li>Devices that use the 2018-03-01 security patch level must include all issues |
| associated with that security patch level, as well as fixes for all issues |
| reported in previous security bulletins.</li> |
| <li>Devices that use the security patch level of 2018-03-05 or newer must |
| include all applicable patches in this (and previous) security |
| bulletins.</li> |
| </ul> |
| <p> |
| Partners are encouraged to bundle the fixes for all issues they are addressing |
| in a single update. |
| </p> |
| <p id="type"> |
| <strong>3. What do the entries in the <em>Type</em> column mean?</strong> |
| </p> |
| <p> |
| Entries in the <em>Type</em> column of the vulnerability details table reference |
| the classification of the security vulnerability. |
| </p> |
| <table> |
| <col width="25%"> |
| <col width="75%"> |
| <tr> |
| <th>Abbreviation</th> |
| <th>Definition</th> |
| </tr> |
| <tr> |
| <td>RCE</td> |
| <td>Remote code execution</td> |
| </tr> |
| <tr> |
| <td>EoP</td> |
| <td>Elevation of privilege</td> |
| </tr> |
| <tr> |
| <td>ID</td> |
| <td>Information disclosure</td> |
| </tr> |
| <tr> |
| <td>DoS</td> |
| <td>Denial of service</td> |
| </tr> |
| <tr> |
| <td>N/A</td> |
| <td>Classification not available</td> |
| </tr> |
| </table> |
| <p> |
| <strong>4. What do the entries in the <em>References</em> column mean?</strong> |
| </p> |
| <p> |
| Entries under the <em>References</em> column of the vulnerability details table |
| may contain a prefix identifying the organization to which the reference value |
| belongs. |
| </p> |
| <table> |
| <col width="25%"> |
| <col width="75%"> |
| <tr> |
| <th>Prefix</th> |
| <th>Reference</th> |
| </tr> |
| <tr> |
| <td>A-</td> |
| <td>Android bug ID</td> |
| </tr> |
| <tr> |
| <td>QC-</td> |
| <td>Qualcomm reference number</td> |
| </tr> |
| <tr> |
| <td>M-</td> |
| <td>MediaTek reference number</td> |
| </tr> |
| <tr> |
| <td>N-</td> |
| <td>NVIDIA reference number</td> |
| </tr> |
| <tr> |
| <td>B-</td> |
| <td>Broadcom reference number</td> |
| </tr> |
| </table> |
| <p id="asterisk"> |
| <strong>5. What does a * next to the Android bug ID in the <em>References</em> |
| column mean?</strong> |
| </p> |
| <p> |
| Issues that are not publicly available have a * next to the Android bug ID in |
| the <em>References</em> column. The update for that issue is generally contained |
| in the latest binary drivers for Nexus devices available from the <a |
| href="https://developers.google.com/android/nexus/drivers">Google Developer |
| site</a>. |
| </p> |
| <p> |
| <strong>6. Why are security vulnerabilities split between this bulletin and |
| device/partner security bulletins, such as the Pixel / Nexus bulletin?</strong> |
| </p> |
| <p> |
| Security vulnerabilities that are documented in this security bulletin are |
| required in order to declare the latest security patch level on Android devices. |
| Additional security vulnerabilities that are documented in the |
| device / partner security bulletins are not required for declaring |
| a security patch level. Android device and chipset manufacturers are encouraged |
| to document the presence of other fixes on their devices through their own security |
| websites, such as the |
| <a href="https://security.samsungmobile.com/securityUpdate.smsb">Samsung</a>, |
| <a href="https://lgsecurity.lge.com/security_updates.html">LGE</a>, or |
| <a href="/security/bulletin/pixel/">Pixel / Nexus</a> |
| security bulletins. |
| </p> |
| <h2 id="versions">Versions</h2> |
| <table> |
| <col width="25%"> |
| <col width="25%"> |
| <col width="50%"> |
| <tr> |
| <th>Version</th> |
| <th>Date</th> |
| <th>Notes</th> |
| </tr> |
| <tr> |
| <td>1.0</td> |
| <td>March 5, 2018</td> |
| <td>Bulletin published.</td> |
| </tr> |
| <tr> |
| <td>1.1</td> |
| <td>March 7, 2018</td> |
| <td>Bulletin revised to include AOSP links.</td> |
| </tr> |
| </table> |
| </body></html> |
| |