黑莓官方发布12月份搭载Android系统Blackberry手机(PRIV/DTEK50/DTEK60)安全公告,此次更新修复高通官方已知Android系统漏洞。系统更新版本号为(AAH990、AAI039、AAH995)。
更新机型包含已上市黑莓安卓系统机型手机Blackberry PRIV/DTEK50/DTEK60. 官方从12月3日开始OTA推送
此次更新可修复如下漏洞:
Summary/摘要 | Description/说明 | CVE/漏洞编号 | ||
Elevation of Privilege Vulnerability in Libziparchive | An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. | CVE-2016-6762 | ||
Denial of Service Vulnerability in Telephony | A denial of service vulnerability in telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. | CVE-2016-6763 | ||
Denial of Service Vulnerabilities in Mediaserver | Denial of service vulnerabilities in mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | CVE-2016-6766 CVE-2016-6765 CVE-2016-6764 | ||
Remote Code Execution Vulnerability in Framesequence Library | A remote code execution vulnerability in the framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. | CVE-2016-6768 | ||
Elevation of Privilege Vulnerability in Framework APIs | An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. | CVE-2016-6770 | ||
Elevation of Privilege Vulnerability in Telephony | An elevation of privilege vulnerability in telephony could enable a local malicious application to access system functions beyond its access level. | CVE-2016-6771 | ||
Elevation of Privilege Vulnerability in Wi-Fi | An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. | CVE-2016-6772 | ||
Information Disclosure Vulnerability in Mediaserver | An information disclosure vulnerability in mediaserver could enable a local malicious application to access data outside of its permission levels. | CVE-2016-6773 | ||
Elevation of Privilege Vulnerability in Qualcomm MSM Interface | An elevation of privilege vulnerability in the Qualcomm MSM interface could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-8411 | ||
Elevation of Privilege Vulnerability in Kernel | An elevation of privilege vulnerability in the kernel could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2015-8966 | ||
Elevation of Privilege Vulnerability in Kernel ION Driver | An elevation of privilege vulnerability in the kernel ION driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-9120 | ||
Elevation of Privilege Vulnerability in Kernel | An elevation of privilege vulnerability in the kernel could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2015-8967 | ||
Elevation of Privilege Vulnerabilities in Qualcomm Media Codecs | Elevation of privilege vulnerabilities in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | CVE-2016-6758 CVE-2016-6759 CVE-2016-6760 CVE-2016-6761 | ||
Elevation of Privilege Vulnerability in Qualcomm Camera Driver | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-6755 | ||
Elevation of Privilege Vulnerabilities in Kernel Performance Subsystem | Elevation of privilege vulnerabilities in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-6786 CVE-2016-6787 | ||
Elevation of Privilege Vulnerabilities in Qualcomm Sound Driver | Elevation of privilege vulnerabilities in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-6791 CVE-2016-8391 CVE-2016-8392 | ||
Elevation of Privilege Vulnerability in Kernel Security Subsystem | An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2015-7872 | ||
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver | Elevation of privilege vulnerabilities in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2014-9909 CVE-2014-9910 | ||
Denial of Service Vulnerability in GPS | A denial of service vulnerability in the Qualcomm GPS component could enable a remote attacker to cause a device hang or reboot. | CVE-2016-5341 | ||
Elevation of Privilege Vulnerability in Kernel Networking Subsystem | An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. | CVE-2016-8399 | ||
Information Disclosure Vulnerabilities in Qualcomm Components | Information disclosure vulnerabilities in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. | CVE-2016-6756 CVE-2016-6757 | ||
Information Disclosure Vulnerabilities in Kernel Components | Information disclosure vulnerabilities in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. | CVE-2016-8401 CVE-2016-8402 CVE-2016-8403 CVE-2016-8404 CVE-2016-8405 CVE-2016-8406 CVE-2016-8407 | ||
Information Disclosure Vulnerability in Qualcomm Sound Driver | An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. |
黑莓安卓系统手机检查系统更新
设置Settings > 关于About > 系统更新System update > 检查更新Check for update.这里