Headline
CVE-2023-5801: November
Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.
HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:
This security update includes the following third-party library patches:
This security update includes the CVE announced in the October 2023 Android security bulletin:
Critical: CVE-2023-4863
High: CVE-2023-40128, CVE-2023-21266, CVE-2023-40121, CVE-2023-40123, CVE-2023-40133, CVE-2023-40134, CVE-2023-40135, CVE-2023-40136, CVE-2023-40137, CVE-2023-40138, CVE-2023-40139, CVE-2023-40140, CVE-2023-40125, CVE-2023-40127, CVE-2023-40130, CVE-2023-33034, CVE-2023-33035, CVE-2023-21394
Medium: none
Low: none
Already included in previous updates: CVE-2023-21281, CVE-2022-20281, CVE-2023-21177
※ For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).
This security update includes the following HUAWEI patches:
CVE-2022-48613: Race condition vulnerability in the kernel module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.
CVE-2023-44098: Vulnerability of missing encryption in the card management module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-44115: Vulnerability of improper permission control in the Booster module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46755: Vulnerability of input parameters being not strictly verified in the input method module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may cause the launcher to restart.
CVE-2023-46756: Permission control vulnerability in the window management module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may cause malicious pop-up windows.
CVE-2023-46758: Permission management vulnerability in the multi-screen interaction module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
CVE-2023-46759: Permission control vulnerability in the call module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46760: Out-of-bounds write vulnerability in the kernel driver module
Severity: Medium
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability may cause process exceptions.
CVE-2023-46761: Out-of-bounds write vulnerability in the kernel driver module
Severity: Medium
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability may cause process exceptions.
CVE-2023-46762: Out-of-bounds write vulnerability in the kernel driver module
Severity: Medium
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability may cause process exceptions.
CVE-2023-46763: Vulnerability of background app permission management in the framework module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may cause background apps to start maliciously.
CVE-2023-46764: Unauthorized startup vulnerability of background apps
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may cause background apps to start maliciously.
CVE-2023-46765: Vulnerability of uncaught exceptions in the NFC module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability can affect NFC availability.
CVE-2023-46766: Out-of-bounds write vulnerability in the kernel driver module
Severity: Medium
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability may cause process exceptions.
CVE-2023-46767: Out-of-bounds write vulnerability in the kernel driver module
Severity: Medium
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability may cause process exceptions.
CVE-2023-46768: Multi-thread vulnerability in the idmap module
Severity: High
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-46769: Use-After-Free (UAF) vulnerability in the dubai module
Severity: High
Affected versions: EMUI 13.0.0
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-46770: Out-of-bounds vulnerability in the sensor module
Severity: High
Affected versions: EMUI 13.0.0, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may cause mistouch prevention errors on users’ mobile phones.
CVE-2023-46771: Security vulnerability in the face unlock module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46772: Vulnerability of parameters being out of the value range in the QMI service module
Severity: Medium
Affected versions: EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may cause errors in reading file data.
CVE-2023-46774: Vulnerability of uncaught exceptions in the NFC module
Severity: Medium
Affected versions: EMUI 13.0.0, EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability can affect NFC availability.
CVE-2023-5801: Vulnerability of identity verification being bypassed in the face unlock module
Severity: Critical
Affected versions: EMUI 13.0.0, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Related news
In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
In NFC, there is a possible way to setup a default contactless payment app without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In onBindingDied of CallRedirectionProcessor.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege and background activity launch with no additional execution privileges needed. User interaction is not needed for exploitation.
In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Two notable vulnerabilities in Google Chrome should be patched ASAP, and an allegedly new ransomware-as-a-service group.
Ubuntu Security Notice 6369-2 - USN-6369-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code.
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
Red Hat Security Advisory 2023-5223-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.1. Issues addressed include a buffer overflow vulnerability.
An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4863: A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4863: A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.
An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4863: A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4863: A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this f...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4863: A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format that could result in arbitrary code execution when
Categories: Exploits and vulnerabilities, News. Tags: Google, Chrome, CVE-2023-4863, WebP, buffer overflow, 116.0.5845.187/.188. Chrome users are being urged to patch a critical vulnerability for which an exploit is available. The post "Update Chrome now! Google patches critical vulnerability being exploited in the wild" appeared first on Malwarebytes Labs.
In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation.
In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-251586912
In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-189122911