JVN#74829345
Multiple Android devices vulnerable to denial-of-service (DoS)
Overview
Multiple Android devices contains a denial-of-service (DoS) vulnerability.
Products Affected
A wide range of products are affected.
For more information, refer to the information provided by the developer or distributor.
Description
Multiple Android devices contain an issue when referencing specific system area, which may lead to a denial-of-service (DoS).
Impact
The device may crash as a result of accessing a specific file.
Solution
Update the software
Update to the latest version according to the information provided by the developer or distributor.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| KDDI CORPORATION | Vulnerable | 2013/01/09 | KDDI CORPORATION website |
| NTT DOCOMO, INC. | Vulnerable | 2012/11/14 | NTT DOCOMO, INC. website |
| Panasonic Corporation | Not Vulnerable | 2012/11/14 | |
| SoftBank | Vulnerable | 2013/03/05 |
References
JPCERT/CC Addendum
It has been confirmed that this issue was not reproducible on the Android emulator.
Vulnerability Analysis by JPCERT/CC
Credit
Tsukasa Oi of Fourteenforty Research Institue, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
|
| JVN iPedia |
JVNDB-2012-000102 |
Update History
- 2012/11/16
- SoftBank update status
- 2012/12/10
- KDDI CORPORATION update status
- 2012/12/28
- KDDI CORPORATION update status
- 2013/01/09
- KDDI CORPORATION update status
- 2013/02/19
- SoftBank update status
- 2013/03/05
- SoftBank update status