1. Invictus0's Avatar
    New vulnerabilities can remotely compromise the kernel and execute code on Android devices connected to the same WiFi network due to a Qualcomm vulnerability.

    Google pushed a fix in the August 2019 security patch, if BB Android is impacted by this (and it may not be because of BB Android's kernel hardening) it seems the DTEK60, Key2, and Key2 LE could be at risk.

    However, in a security advisory posted on its website for the second bug (CVE-2019-10540), Qualcomm said this vulnerability impacted many more other chipsets, including: IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712, SD 710, SD 670, SD 730, SD 820, SD 835, SD 845, SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, and SXR1130.
    https://www.zdnet.com/article/qualpw...droid-devices/
    SoundChaser007 likes this.
    08-06-19 02:06 PM
  2. pgg101's Avatar
    Looking forward to the August patch sometime in September.
    08-06-19 09:09 PM
  3. Bla1ze's Avatar
    QualPwn is a new exploit for Qualcomm Snapdragon chips, here's what you need to know - https://www.androidcentral.com/qualp...qualcomm-chips
    08-07-19 11:31 AM
  4. thurask's Avatar
    From the Qualcomm bulletin, it seems the KEY2, KEY2LE, KEYone, Motion, and DTEK60 have hardware vulnerable to one or both of the Qualcomm-related CVEs (10539/10540); 10538 is a vulnerability within the Linux kernel according to Tencent. Whether or not the DTEK50 and Priv (or older) are vulnerable depends on if Qualcomm's testing for the vulnerability cleared them or if they didn't have any samples of hardware that old lying around at the office for testing.

    The KEY2 and LE should get the requisite August 5, 2019 or later security patch to plug this up sometime next month, the Motion maybe, the KEYone probably not (maybe one or two variants), and the DTEK60 a rational thought's chance in CB.
    08-07-19 12:46 PM
  5. Invictus0's Avatar
    From the Qualcomm bulletin, it seems the KEY2, KEY2LE, KEYone, Motion, and DTEK60 have hardware vulnerable to one or both of the Qualcomm-related CVEs (10539/10540); 10538 is a vulnerability within the Linux kernel according to Tencent. Whether or not the DTEK50 and Priv (or older) are vulnerable depends on if Qualcomm's testing for the vulnerability cleared them or if they didn't have any samples of hardware that old lying around at the office for testing.

    The KEY2 and LE should get the requisite August 5, 2019 or later security patch to plug this up sometime next month, the Motion maybe, the KEYone probably not (maybe one or two variants), and the DTEK60 a rational thought's chance in CB.
    The SD 425 and 450 are listed on Qualcomm's bulletin so you can add the Aurora and Evolve to the list, assuming BB Android is vulnerable.

    @Bla1ze is there any way to get a comment from BlackBerry about this? I assume we'd have to wait until they publish the August bulletin otherwise.
    08-07-19 03:36 PM
  6. Bla1ze's Avatar
    @Bla1ze is there any way to get a comment from BlackBerry about this? I assume we'd have to wait until they publish the August bulletin otherwise.
    The August update is rolling out for the NA KEY2's right now.. KEY2 LE will likely have it as well eventually.. other devices.. well, seeking an answer there.
    08-08-19 02:16 PM
  7. Invictus0's Avatar
    The August update is rolling out for the NA KEY2's right now.. KEY2 LE will likely have it as well eventually.. other devices.. well, seeking an answer there.
    They published their August 2019 bulletin but only one of the QualPwn vulnerabilities is listed, they also list CVE-2019-10538 which @thurask brought up.

    BlackBerry Powered by Android Security Bulletin - August 2019

    So I guess that means BB Android may not be vulnerable to the other two exploits but it would still be nice to see official confirmation from BlackBerry, especially considering this would be another "win" for their hardening.
    Dunt Dunt Dunt likes this.
    08-08-19 02:53 PM
  8. Bluebeary's Avatar
    They published their August 2019 bulletin but only one of the QualPwn vulnerabilities is listed, they also list CVE-2019-10538 which @thurask brought up.

    BlackBerry Powered by Android Security Bulletin - August 2019

    So I guess that means BB Android may not be vulnerable to the other two exploits but it would still be nice to see official confirmation from BlackBerry, especially considering this would be another "win" for their hardening.
    The vulnerability resides within a Qualcomm driver, exists on a lower level than the operating system, and therefore can only be fixed by a new Qualcomm driver. This will become a big security issue in the months to come, when a working exploit is out in the wild, as most newer Qualcomm SOCs worldwide are vulnerable.
    I believe Blackberry's hardening is overrated, especially as it basically happened when conditioning new system releases, last time back in 2018 for Oreo. Which, btw, still uses many beta release components.
    08-10-19 10:03 AM
  9. Invictus0's Avatar
    The vulnerability resides within a Qualcomm driver, exists on a lower level than the operating system, and therefore can only be fixed by a new Qualcomm driver. This will become a big security issue in the months to come, when a working exploit is out in the wild, as most newer Qualcomm SOCs worldwide are vulnerable.
    The August 5th update contains a patch for it so I assume there would be some mitigation at an OS level, kind of like Meltdown on Intel PCs.

    https://source.android.com/security/...omm-components
    08-10-19 08:23 PM

Similar Threads

  1. Cellebrite - BB Vulnerable?
    By chetmanley in forum BlackBerry Android OS
    Replies: 17
    Last Post: 03-19-19, 08:39 AM
  2. Replies: 20
    Last Post: 01-27-19, 07:49 AM
  3. Security - What are the vulnerabilities from EOL re updates?
    By Hikerdude48 in forum BlackBerry DTEK50
    Replies: 14
    Last Post: 10-18-18, 05:03 PM
  4. Replies: 1
    Last Post: 04-26-18, 06:53 AM
  5. Replies: 1
    Last Post: 01-06-18, 09:24 PM
LINK TO POST COPIED TO CLIPBOARD