BlackBerry has today rolled out the May 2017 Android Security update to BlackBery-branded Android devices.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. BlackBerry releases security bulletins to notify users of its Android smartphones about available security fixes.
Google have made two security patches available and, as always, BlackBerry have incorprated the latest patch – May 5, 2017.
The following vulnerabilities have been remediated in this update:
| Summary | CVE | ||
| Elevation of Privilege in Android Runtime | CVE-2017-13274 | ||
| Remote Code Execution in Media Framework | CVE-2017-13276 | ||
| Remote Code Execution in Media Framework | CVE-2017-13277 | ||
| Elevation of Privilege in Media Framework | CVE-2017-13278 | ||
| Denial of Service in Media Framework | CVE-2017-13279 | ||
| Denial of Service in Media Framework | CVE-2017-13280 | ||
| Remote Code Execution in Bluetooth | CVE-2017-13282 | ||
| Remote Code Execution in Bluetooth | CVE-2017-13283 | ||
| Remote Code Execution in Bluetooth | CVE-2017-13267 | ||
| Elevation of Privilege in Bluetooth | CVE-2017-13284 | ||
| Remote Code Execution in SVOX | CVE-2017-13285 | ||
| Elevation of Privilege in VerifyCredentialResponse | CVE-2017-13287 | ||
| Elevation of Privilege in RTTManager | CVE-2017-13289 | ||
| Information Disclosure in Bluetooth | CVE-2017-13290 | ||
| Denial of Service in Bluetooth | CVE-2017-13291 | ||
| Information Disclosure in Kernel Memory Mapping | CVE-2017-5754 | ||
| Information Disclosure in Qualcomm WLAN | CVE-2017-13077 | ||
| Elevation of Privilege in Qualcomm WLAN | CVE-2018-3566 | ||
| Elevation of Privilege in Qualcomm Audio Driver | CVE-2018-3563 | ||
| Vulnerability in Qualcomm Secure Systems Group | CVE-2017-8274 | ||
| Vulnerability in Qualcomm Modem | CVE-2017-18138 | ||
| Information Disclosure in Framework | CVE-2017-13294 | ||
| Denial of Service in Framework | CVE-2017-13295 | ||
| Denial of Service in Media Framework | CVE-2017-13300 | ||
| Denial of Service in Media Framework | CVE-2017-13296 | ||
| Denial of Service in Media Framework | CVE-2017-13297 | ||
| Denial of Service in Media Framework | CVE-2017-13298 | ||
| Denial of Service in Media Framework | CVE-2017-13299 | ||
| Information Disclosure in Kernel Encrypted-keys | CVE-2017-13305 | ||
| Information Disclosure in Kernel Netlink Tap | CVE-2017-17449 | ||
| Elevation of Privilege in Kernel Pci Sysfs | CVE-2017-13307 | ||
| Elevation of Privilege in Kernel Net Ipv4 | CVE-2017-17712 | ||
| Elevation of Privilege in Kernel Sctp | CVE-2017-15115 | ||
| Information Disclosure in Qualcomm Camera_v2 Driver | CVE-2018-3598 | ||
| Elevation of Privilege in Qualcomm WLAN | CVE-2018-5823 | ||
| Elevation of Privilege in Qualcomm IPA Driver | CVE-2018-5825 | ||
| Elevation of Privilege in Qualcomm WLAN | CVE-2018-5824 | ||
| Elevation of Privilege in Qualcomm WLAN | CVE-2018-5827 | ||
| Elevation of Privilege in Qualcomm QC WLAN | CVE-2018-5822 | ||
| Elevation of Privilege in Qualcomm Modem Driver | CVE-2018-5821 | ||
| Elevation of Privilege in Qualcomm Modem Driver | CVE-2018-5820 | ||
| Elevation of Privilege in Qualcomm Qualcomm Core Services | CVE-2018-3599 | ||
| Elevation of Privilege in Qualcomm WLAN | CVE-2018-3568 | ||
| Elevation of Privilege in Qualcomm WLAN | CVE-2018-3567 | ||
| Elevation of Privilege in Qualcomm QC WLAN | CVE-2018-5828 | ||
| Elevation of Privilege in Qualcomm QC WLAN | CVE-2017-14890 | ||
| Elevation of Privilege in Qualcomm QC WLAN | CVE-2017-14894 | ||
| Elevation of Privilege in Qualcomm IPA WAN Driver | CVE-2017-14880 |
If you own an Android device from BlackBerry and are not seeing the system update message, you can check manually by heading into Settings -> About phone -> System updates and checking manually. Look for the following Android security patch level: May 5, 2017.
Updated software builds may also be available from other retailers or carriers, dependent on their deployment schedules.
