BerryLink
专注黑莓,为你而在

黑莓官方发布黑莓PRIV手机Android系统安全公告

黑莓官方在2016年1月4日开始全球范围内为黑莓安卓系统手机Blackberry Priv手机进行安全系统更新推送,新系统解决已发现的多个Android系统漏洞,建议用户升级更新。

本次更新修复的系统安全漏洞

The following vulnerabilities have been remediated in this update:

Summary Description CVE
Remote Code Execution Vulnerability in Mediaserver During media file and data processing of a specially crafted file, vulnerabilities in mediaserver could allow an attacker to cause memory corruption and remote code execution as the mediaserver process.
The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media.
CVE-2015-6636
Elevation of Privilege Vulnerability in Setup Wizard An elevation of privilege vulnerability in the Setup Wizard can enable an attacker with physical access to the device to gain access to device settings and perform a manual device reset. CVE-2015-6643
Elevation of Privilege Vulnerability in Wi-Fi An elevation of privilege vulnerability in the Wi-Fi component can enable a locally proximate attacker to gain access to Wi-Fi service related information. A device is only vulnerable to this issue while in local proximity. CVE-2015-5310
Information Disclosure Vulnerability in Bouncy Castle An information disclosure vulnerability in the Bouncy Castle can enable a local malicious application to gain access to user’s private information. CVE-2015-6644
Denial of Service Vulnerability in SyncManager A denial of service vulnerability in the SyncManager can enable a local malicious application to cause a reboot loop. CVE-2015-6645

请遵循网络共享条款,保留原作者与链接:黑莓手机爱好者 » 黑莓官方发布黑莓PRIV手机Android系统安全公告

分享到:更多 ()

评论 抢沙发

评论前必须登录!

BerryLink专注BlackBerry的开放式平台,邀您加入

加入我们团队成员