Forgot your password?

RIM Confirms Fix of “Elevation of Privilege Vulnerability” (Aka Dingleberry Jailbreak)

RIM Documentation Dingleberry

RIM has plucked the Dingleberry! They have finally come out of the closet with their documentation on the current root exploit of the BlackBerry PlayBook. They have clarified that the latest BlackBerry PlayBook OS 1.0.8.6067 fixes the exploit that allowed the Dingleberry creators to gain escalated privileges. They don’t go into to much detail but this is exactly what system admins were looking for from RIM. RIM has also confirmed the fix on their blog along with mentioning that the new OS brings daylight savings time fixes.

Check out the full details on what RIM calls the “Elevation of privilege vulnerability in file sharing capability impacts the BlackBerry PlayBook tablet software” or just read it below:

Elevation of privilege vulnerability in file sharing capability impacts the BlackBerry PlayBook tablet software

Article ID: KB29191

Type:   Security Advisory

First Published: 12-06-2011

Last Modified: 12-06-2011

Product(s) Affected:

  • BlackBerry® PlayBook™

Products

  • Affected Software
    • BlackBerry® PlayBook™ tablet software version 1.0.8.4985 and earlier
  • Non Affected Software
    • BlackBerry PlayBook tablet software version 1.0.8.6067 or later
  • Are BlackBerry smartphones and the BlackBerry Device Software affected?
    • No.

Issue Severity

This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 7.2.

Overview

A vulnerability that could allow elevation of access privilege on a BlackBerry PlayBook tablet exists in the BlackBerry PlayBook service used to share files over a USB connection between the tablet and a computer running BlackBerry Desktop Software. This vulnerability cannot be exploited by a remote attacker and it presents a low security risk of elevation of privilege attacks against BlackBerry PlayBook tablet users. RIM is not currently aware of this issue being used in attacks against BlackBerry customers.

A user could execute specially crafted code to use this vulnerability to manipulate a BlackBerry PlayBook backup archive file and alter a specific configuration file in order to gain root user privileges (access to system administration-level functionality) on the BlackBerry PlayBook tablet. An individual attempting to use this vulnerability to gain root privileges to the BlackBerry PlayBook tablet requires local access to both the tablet and to the connected computer running BlackBerry Desktop Software, including knowledge of any security passwords that are set.

Who should read this advisory

  • BlackBerry PlayBook tablet users
  • IT administrators who deploy BlackBerry PlayBook tablets in an enterprise

Who should apply the software fix(es)

  • BlackBerry PlayBook tablet users
  • IT administrators who deploy BlackBerry PlayBook tablets in an enterprise

Recommendation

Complete the resolution actions documented in this advisory. RIM recommends that all users apply the available software update to fully protect their BlackBerry PlayBook tablet.

References

CVE® Identifier: CVE-2011-0291

Problem

If the BlackBerry PlayBook tablet user turns on the File Sharing option, the user can share files over an active USB connection between the tablet and a computer that is running BlackBerry Desktop Software. The user can use the BlackBerry Desktop Software to create a backup archive file of part of the contents of the BlackBerry PlayBook file system. The archive file is stored on the connected computer.

A user with local access to the tablet and the computer could use the vulnerability to manipulate a BlackBerry PlayBook backup archive file and alter a File Sharing service configuration file in order to gain root user privileges on the BlackBerry PlayBook tablet. As best practices, users should set a strong BlackBerry PlayBook tablet password, and also set a password to protect shared files when enabling file sharing.

Impact

A successful exploitation of the vulnerability would allow a user to alter his or her BlackBerry PlayBook tablet software in order to obtain access to systems or applications not officially authorized or distributed by RIM. As a result, the user could unknowingly bypass security controls protecting the BlackBerry Tablet OS and his or her user data. Those protections are provided by design to a user running with standard privileges. Under the conditions of the compromise, the tablet could be more susceptible to performance and stability concerns, and could be at higher risk for potential security vulnerabilities against which the user would otherwise be protected.

Mitigations

RIM recommends that all users apply the available software update (BlackBerry PlayBook tablet software version 1.0.8.6067) to fully protect their BlackBerry PlayBook tablet. However, prior to the software update being applied, the risk of exploitation is mitigated by the fact that the user can only exploit the vulnerability locally on a BlackBerry PlayBook tablet while having access to the BlackBerry PlayBook backup file on a computer that is connected to the tablet over USB.

Resolution

RIM has issued BlackBerry PlayBook tablet software version 1.0.8.6067 which resolves this vulnerability on affected versions of the tablet. Update your BlackBerry PlayBook tablet software to version 1.0.8.6067 or later to apply the update.

Note: This BlackBerry PlayBook tablet update includes all previously released security updates to the BlackBerry Tablet OS.

Update by Accessing the Software Update Notification

Your BlackBerry PlayBook tablet uses notifications to keep you informed about software updates. When a new software update notification comes in, it appears in the BlackBerry PlayBook status ribbon at the top of the screen.

Simply view your notifications and follow the steps to access the latest software update notification and complete the software update.

Manually Check for Software Updates

  1. From the home screen, tap to open Options.
  2. Tap Software Updates.
  3. Tap Check for Updates.

After you update your software, the screen will indicate that you have installed BlackBerry Tablet OS version 1.0.8.6067 or later.

Workaround

All workarounds should be considered temporary measures for customers to employ if they cannot install the update immediately or must perform standard testing and risk analysis. RIM recommends that customers without these requirements simply install the update to secure their systems.

Encrypt backup files

If a user chooses to create a backup of the BlackBerry PlayBook tablet, the user should select theEncrypt backup file check box during the backup process to encrypt the backup file. For more information, see Backup smartphone or tablet data in the BlackBerry Desktop Software User Guide.

Related best practices

  • To ensure the security of user data, users should store their backup files securely, whether they choose to encrypt them or not.
  • To increase the difficulty of decrypting a backup file, users should always use a strong password to encrypt the data. A strong password has the following characteristics:
    • includes punctuation marks, numbers, capital and lowercase letters
    • does not include the user name, account name, or any word or phrase that would be easily guessed
    • is not the same as the BlackBerry PlayBook tablet password

Additional Information

Have any BlackBerry customers been subject to an attack that exploits this vulnerability?

RIM is not aware of any attacks on or specifically targeting BlackBerry PlayBook tablet users.

How would an attacker exploit this vulnerability?

An individual attempting to use this vulnerability to gain root privileges to the BlackBerry PlayBook tablet requires local access to both the tablet and to the connected computer running BlackBerry Desktop Software, including knowledge of any security passwords that are set. A local user could execute specially crafted code to use this vulnerability to manipulate a BlackBerry PlayBook backup archive file and alter a specific configuration file in order to gain root user privileges (access to system administration-level functionality) on the BlackBerry PlayBook tablet.

What component does this vulnerability affect?

This vulnerability affects the file sharing capability of the BlackBerry PlayBook tablet.

What risks might a user incur by exploiting this vulnerability on his or her tablet?

A successful exploitation of the vulnerability would allow a user to alter his or her BlackBerry PlayBook tablet software in order to obtain access to systems or applications not officially authorized or distributed by RIM. As a result, the user could unknowingly bypass security controls protecting the BlackBerry Tablet OS and his or her user data. Those protections are provided by design to a user running with standard privileges. Under the conditions of the compromise, the tablet could be more susceptible to performance and stability concerns, and could be at higher risk for potential security vulnerabilities against which the user would otherwise be protected.

Does the BlackBerry PlayBook tablet force me to update my software?

No, your action is required to update the software. Your BlackBerry PlayBook tablet uses notifications to keep you informed about software updates and allows you to easily complete a software update. You can also manually check for software updates. See the Resolution section of this advisory for steps to update your software.

How can I find out what version of BlackBerry Tablet OS I am running?

From the home screen, tap the Settings icon, tap About, and view the OS Version field in the General settings.

Are new (still in the box) BlackBerry PlayBook tablets exposed to this vulnerability?

No. During the initial setup process, the BlackBerry PlayBook tablet will download and install the latest version of the BlackBerry Tablet OS, which will be version 1.0.8.6067 or later. The fix for this vulnerability is included in all future versions of the BlackBerry PlayBook tablet software.

What is CVE?

Common Vulnerabilities and Exposures (CVE) is a dictionary of common names (CVE Identifiers) for publicly known information security vulnerabilities maintained by the MITRE corporation.

What is CVSS?

CVSS is a vendor agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no vulnerability) to 10.0 (critical). RIM uses CVSS for vulnerability assessments to present an immutable characterization of security issues. RIM assigns all relevant security issues a non-zero score.

Where can I read more about BlackBerry PlayBook security?

Read the BlackBerry PlayBook Security Technical Overview for more information on security features in the BlackBerry PlayBook tablet.

Where can I read more about the security of BlackBerry products and solutions?

Visit http://www.blackberry.com/security for more information on BlackBerry security.

1 comment on this postSubmit your comment!
  1. It’s a shame that Dingleberry didn’t force RIM to actually fix the source code leaking issue :(

BlackBerry© is a registered Trademark of BlackBerry Limited. BerryReview is in no way affiliated with BlackBerry Limited though sometimes their lawyers send us love letters...

Copyright © 2007-‘2016’ BerryReview LLC