黑莓官方发布2016年6月黑莓手机搭载Android系统安全公告,软件版本号为AAF153,升级更新文件大小1805.3MB。
下面的系统漏洞已经修复更新:
The following vulnerabilities have been remediated in this update:
Summary/摘要 | Description/说明 | CVE | ||
Remote Code Execution Vulnerability in Mediaserver | A remote code execution vulnerability in mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media. | CVE-2016-2463 | ||
Remote Code Execution Vulnerabilities in libwebm | Remote code execution vulnerabilities with libwebm could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media. | CVE-2016-2464 | ||
Elevation of Privilege Vulnerability in Qualcomm Video Driver | An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-2465 | ||
Elevation of Privilege Vulnerabilities in Qualcomm GPU Driver | Elevation of privilege vulnerabilities in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-2468 CVE-2016-2062 |
||
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to invoke system calls changing the device settings and behavior without the privileges to do so. | CVE-2016-2475 | ||
Elevation of Privilege Vulnerabilities in Qualcomm Sound Driver | Elevation of privilege vulnerabilities in the Qualcomm sound driver could enable a malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-2066 CVE-2016-2469 |
||
Elevation of Privilege Vulnerabilities in Mediaserver | Elevation of privilege vulnerabilities in mediaserver could enable a local malicious application to execute arbitrary code within the context of an elevated system application. | CVE-2016-2476 CVE-2016-2477 CVE-2016-2478 CVE-2016-2479 CVE-2016-2480 CVE-2016-2481 CVE-2016-2482 CVE-2016-2483 CVE-2016-2484 CVE-2016-2485 CVE-2016-2486 CVE-2016-2487 |
||
Elevation of Privilege Vulnerabilities in Qualcomm Camera Driver | Elevation of privilege vulnerabilities in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-2061 CVE-2016-2488 |
||
Elevation of Privilege Vulnerability in Qualcomm Video Driver | An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-2489 | ||
Elevation of Privilege Vulnerability in SD Card Emulation Layer | An elevation of privilege vulnerability in the SD Card userspace emulation layer could enable a local malicious application to execute arbitrary code within the context of an elevated system application. | CVE-2016-2494 | ||
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-2493 | ||
Remote Denial of Service Vulnerability in Mediaserver | A remote denial of service vulnerability in mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | CVE-2016-2495 | ||
Elevation of Privilege Vulnerability in Framework UI | An elevation of privilege vulnerability in the Framework UI permission dialog window could enable an attacker to gain access to unauthorized files in private storage. | CVE-2016-2496 | ||
Information Disclosure Vulnerability in Mediaserver | An information disclosure vulnerability in mediaserver could allow an application to access sensitive information. | CVE-2016-2499 | ||
Information Disclosure Vulnerability in Activity Manager | An information disclosure vulnerability in the Activity Manager component could allow an application to access sensitive information. |
建议黑莓安卓系统手机及时更新升级。
Latest posts by berrylink (see all)
- IFC Films 发布电影《黑莓》预告片 预计5月份在加拿大和美国上映 - 2023年3月16日
- 解决黑莓10手机重置系统无法加载、更新激活手机的问题 WiFi 设置上(初始设置) - 2022年5月4日
- 有关莓友来信提问的回复 如黑莓官方商城、黑莓是否退出中国等问题 - 2022年4月27日
评论前必须登录!
注册