BerryLink
专注黑莓,为你而在

黑莓发布搭载Android系统Blackberry手机安全公告-2017年1月

黑莓官方发布2017年1月份搭载Android系统Blackberry手机(PRIV/DTEK)安全公告,此次更新主要修复高通官方已披露的漏洞(如GPU驱动漏洞,wifi驱动漏洞等)以及部分已知Android系统漏洞。Android Security

更新机型包含已上市黑莓安卓系统机型手机Blackberry PRIV/DTEK50/DTEK60. 官方从1月5日开始OTA推送。

此次更新可修复如下漏洞:

Summary/摘要   Description/说明   CVE/漏洞编号
Remote Code Execution Vulnerability in Mediaserver   A remote code execution vulnerability in mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.   CVE-2017-0381
Remote Code Execution Vulnerability in Framesequence   A remote code execution vulnerability in the framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process.   CVE-2017-0382
Elevation of Privilege Vulnerabilities in Audioserver   Elevation of privilege vulnerabilities in audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.   CVE-2017-0384
CVE-2017-0385
Elevation of Privilege Vulnerability in libnl   An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process.   CVE-2017-0386
Elevation of Privilege Vulnerability in Mediaserver   An elevation of privilege vulnerability in mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.   CVE-2017-0387
Denial of Service Vulnerability in Core Networking   A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot.   CVE-2017-0389
Denial of Service Vulnerabilities in Mediaserver   Denial of service vulnerabilities in mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot.   CVE-2017-0390
CVE-2017-0391
CVE-2017-0392
CVE-2017-0393
Denial of Service Vulnerability in Telephony   A denial of service vulnerability in telephony could enable a remote attacker to cause a device hang or reboot.   CVE-2017-0394
Elevation of Privilege Vulnerability in Contacts   An elevation of privilege vulnerability in contacts could enable a local malicious application to silently create contact information.   CVE-2017-0395
Information Disclosure Vulnerabilities in Mediaserver   Information disclosure vulnerabilities in mediaserver could enable a local malicious application to access data outside of its permission levels.   CVE-2017-0396
CVE-2017-0397
Information Disclosure Vulnerabilities in Audioserver   Information disclosure vulnerabilities in audioserver could enable a local malicious application to access data outside of its permission levels.   CVE-2017-0398
CVE-2017-0399
CVE-2017-0400
CVE-2017-0401
CVE-2017-0402
Elevation of Privilege Vulnerability in Kernel Memory Subsystem   An elevation of privilege vulnerability in the kernel memory subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2015-3288
Elevation of Privilege Vulnerabilities in Qualcomm Bootloader   Elevation of privilege vulnerabilities in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8422
CVE-2016-8423
Elevation of Privilege Vulnerability in Qualcomm GPU Driver   An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8434
Vulnerabilities in Qualcomm Components   These security vulnerabilities affect Qualcomm components, and are described in further detail in the appropriate Qualcomm AMSS security bulletin or security alert.   CVE-2016-8398
CVE-2016-8437
CVE-2016-8438
CVE-2016-8439
CVE-2016-8440
CVE-2016-8441
CVE-2016-8442
CVE-2016-8443
CVE-2016-8459
CVE-2016-5080
Elevation of Privilege Vulnerabilities in Qualcomm Camera   Elevation of privilege vulnerabilities in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8412
CVE-2016-8444
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver   An elevation of privilege vulnerability in the Qualcomm wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8415
Elevation of Privilege Vulnerability in Qualcomm Sound Driver   An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8450
Elevation of Privilege Vulnerability in Kernel Security Subsystem   An elevation of privilege vulnerability in kernel security subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-7042
Elevation of Privilege Vulnerability in Kernel Performance Subsystem   An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2017-0403
Elevation of Privilege Vulnerability in Kernel Sound Subsystem   An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2017-0404
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver   An elevation of privilege vulnerability in the Qualcomm wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8452
Elevation of Privilege Vulnerability in Qualcomm Radio Driver   An elevation of privilege vulnerability in the Qualcomm radio driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-5345
Elevation of Privilege Vulnerability in Kernel Profiling Subsystem   An elevation of privilege vulnerability in the kernel profiling subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-9754
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver   Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8454
CVE-2016-8456
CVE-2016-8457
Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver   An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8458
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver   Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.   CVE-2016-8464
CVE-2016-8465
CVE-2016-8466
Information Disclosure Vulnerabilities in Qualcomm Audio Post Processor   Information disclosure vulnerabilities in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels.   CVE-2017-0399
CVE-2017-0400
CVE-2017-0401
CVE-2017-0402

黑莓安卓系统手机检查系统更新

设置Settings > 关于About > 系统更新System update > 检查更新Check for update.这里

rain

编辑/作者 at BerryLink
我的黑莓资源分享主页:
http://pan.baidu.com/share/home?uk=3040327457&view=share#category/type=0

请遵循网络共享条款,保留原作者与链接:Berrylink » 黑莓发布搭载Android系统Blackberry手机安全公告-2017年1月

分享到:更多 ()

评论 抢沙发

评论前必须登录!

BerryLink专注BlackBerry的开放式平台,邀您加入

加入我们团队成员