BerryLink
专注黑莓,为你而在

黑莓手机搭载Android系统安全公告 – 2016年6月

黑莓官方发布2016年6月黑莓手机搭载Android系统安全公告,软件版本号为AAF153,升级更新文件大小1805.3MB。Android Security

下面的系统漏洞已经修复更新

The following vulnerabilities have been remediated in this update:

Summary/摘要 Description/说明 CVE
Remote Code Execution Vulnerability in Mediaserver A remote code execution vulnerability in mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media. CVE-2016-2463
Remote Code Execution Vulnerabilities in libwebm Remote code execution vulnerabilities with libwebm could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media. CVE-2016-2464
Elevation of Privilege Vulnerability in Qualcomm Video Driver An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-2465
Elevation of Privilege Vulnerabilities in Qualcomm GPU Driver Elevation of privilege vulnerabilities in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-2468
CVE-2016-2062
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to invoke system calls changing the device settings and behavior without the privileges to do so. CVE-2016-2475
Elevation of Privilege Vulnerabilities in Qualcomm Sound Driver Elevation of privilege vulnerabilities in the Qualcomm sound driver could enable a malicious application to execute arbitrary code within the context of the kernel. CVE-2016-2066
CVE-2016-2469
Elevation of Privilege Vulnerabilities in Mediaserver Elevation of privilege vulnerabilities in mediaserver could enable a local malicious application to execute arbitrary code within the context of an elevated system application. CVE-2016-2476
CVE-2016-2477
CVE-2016-2478
CVE-2016-2479
CVE-2016-2480
CVE-2016-2481
CVE-2016-2482
CVE-2016-2483
CVE-2016-2484
CVE-2016-2485
CVE-2016-2486
CVE-2016-2487
Elevation of Privilege Vulnerabilities in Qualcomm Camera Driver Elevation of privilege vulnerabilities in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-2061
CVE-2016-2488
Elevation of Privilege Vulnerability in Qualcomm Video Driver An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-2489
Elevation of Privilege Vulnerability in SD Card Emulation Layer An elevation of privilege vulnerability in the SD Card userspace emulation layer could enable a local malicious application to execute arbitrary code within the context of an elevated system application. CVE-2016-2494
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-2493
Remote Denial of Service Vulnerability in Mediaserver A remote denial of service vulnerability in mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. CVE-2016-2495
Elevation of Privilege Vulnerability in Framework UI An elevation of privilege vulnerability in the Framework UI permission dialog window could enable an attacker to gain access to unauthorized files in private storage. CVE-2016-2496
Information Disclosure Vulnerability in Mediaserver An information disclosure vulnerability in mediaserver could allow an application to access sensitive information. CVE-2016-2499
Information Disclosure Vulnerability in Activity Manager An information disclosure vulnerability in the Activity Manager component could allow an application to access sensitive information.

建议黑莓安卓系统手机及时更新升级。

berrylink

berrylink

网站编辑 at BerryLink
黑莓,为你而在....
热情,奉献,坚持——发自内心的喜爱.
berrylink
赞(0)
请遵循网络共享条款,保留原作者与链接:黑莓手机爱好者 » 黑莓手机搭载Android系统安全公告 – 2016年6月
分享到: 更多 (0)

评论 抢沙发

评论前必须登录!

 

BerryLink专注BlackBerry的开放式平台,邀您加入

加入我们团队成员