昨天晚上，从ShopBlackBerry.com上购买的Priv by BlackBerry已经开始收到最新的软件升级，版本号为：AAE016，其他版本的Priv升级推送需要根据当地运营商而定。
|Remote Code Execution Vulnerability in Mediaserver||During media file and data processing of a specially crafted file, a vulnerability in mediaserver could allow an attacker to cause memory corruption and remote code execution as the mediaserver process.
The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media.
|Remote Code Execution Vulnerabilities in libvpx||There are multiple vulnerabilities in libvpx that could allow remote code execution in the privileged process mediaserver.||CVE-2016-1621|
|Elevation of Privilege Vulnerability in Conscrypt||An elevation of privilege vulnerability in the Conscrypt component can enable a man in the middle to intercept, manipulate, and inject arbitrary content on an encrypted communication leading to remote code execution.||CVE-2016-0818|
|Elevation of Privilege Vulnerability in Keyring Component||An elevation of privilege vulnerability in the Kernel Keyring Component can enable a local malicious application to execute arbitrary code within the kernel.||CVE-2016-0728|
|Mitigation Bypass Vulnerability in the Kernel||A mitigation bypass vulnerability in the kernel can permit a bypass of security measures in place to increase the difficulty of attackers exploiting the platform.||CVE-2016-0821|
|Information Disclosure Vulnerability in Kernel||An information disclosure vulnerability in the kernel can permit a bypass of security measures in place to increase the difficulty of attackers exploiting the platform.||CVE-2016-0823|
|Elevation of Privilege Vulnerabilities in Mediaserver||Elevation of privilege vulnerabilities in mediaserver can enable a local malicious application to execute arbitrary code within the context of an elevated system application.||CVE-2016-0826
|Information Disclosure Vulnerabilities in Mediaserver||Information disclosure vulnerabilities in mediaserver can permit a bypass of security measures in place to increase the difficulty of attackers exploiting the platform.||CVE-2016-0828
|Information Disclosure Vulnerability in Telephony||An information disclosure vulnerability in the Telephony component could allow an application to access sensitive information.||CVE-2016-0831|
|Elevation of Privilege Vulnerability in Setup Wizard||A vulnerability in the Setup Wizard could enable an attacker who had physical access to the device to gain access to device settings and perform a manual device reset.||CVE-2016-0832|