Skip to main content
 首页 » 科技 » 黑莓

黑莓发布搭载Android系统Blackberry手机安全公告-2017年1月

2017年01月04日16860berrylink

黑莓官方发布2017年1月份搭载Android系统Blackberry手机(PRIV/DTEK)安全公告,此次更新主要修复高通官方已披露的漏洞(如GPU驱动漏洞,wifi驱动漏洞等)以及部分已知Android系统漏洞。Android Security

更新机型包含已上市黑莓安卓系统机型手机Blackberry PRIV/DTEK50/DTEK60. 官方从1月5日开始OTA推送。

此次更新可修复如下漏洞:

Summary/摘要 Description/说明 CVE/漏洞编号
Remote Code Execution Vulnerability in Mediaserver A remote code execution vulnerability in mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. CVE-2017-0381
Remote Code Execution Vulnerability in Framesequence A remote code execution vulnerability in the framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. CVE-2017-0382
Elevation of Privilege Vulnerabilities in Audioserver Elevation of privilege vulnerabilities in audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0384
CVE-2017-0385
Elevation of Privilege Vulnerability in libnl An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0386
Elevation of Privilege Vulnerability in Mediaserver An elevation of privilege vulnerability in mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0387
Denial of Service Vulnerability in Core Networking A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. CVE-2017-0389
Denial of Service Vulnerabilities in Mediaserver Denial of service vulnerabilities in mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. CVE-2017-0390
CVE-2017-0391
CVE-2017-0392
CVE-2017-0393
Denial of Service Vulnerability in Telephony A denial of service vulnerability in telephony could enable a remote attacker to cause a device hang or reboot. CVE-2017-0394
Elevation of Privilege Vulnerability in Contacts An elevation of privilege vulnerability in contacts could enable a local malicious application to silently create contact information. CVE-2017-0395
Information Disclosure Vulnerabilities in Mediaserver Information disclosure vulnerabilities in mediaserver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0396
CVE-2017-0397
Information Disclosure Vulnerabilities in Audioserver Information disclosure vulnerabilities in audioserver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0398
CVE-2017-0399
CVE-2017-0400
CVE-2017-0401
CVE-2017-0402
Elevation of Privilege Vulnerability in Kernel Memory Subsystem An elevation of privilege vulnerability in the kernel memory subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2015-3288
Elevation of Privilege Vulnerabilities in Qualcomm Bootloader Elevation of privilege vulnerabilities in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8422
CVE-2016-8423
Elevation of Privilege Vulnerability in Qualcomm GPU Driver An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8434
Vulnerabilities in Qualcomm Components These security vulnerabilities affect Qualcomm components, and are described in further detail in the appropriate Qualcomm AMSS security bulletin or security alert. CVE-2016-8398
CVE-2016-8437
CVE-2016-8438
CVE-2016-8439
CVE-2016-8440
CVE-2016-8441
CVE-2016-8442
CVE-2016-8443
CVE-2016-8459
CVE-2016-5080
Elevation of Privilege Vulnerabilities in Qualcomm Camera Elevation of privilege vulnerabilities in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8412
CVE-2016-8444
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver An elevation of privilege vulnerability in the Qualcomm wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8415
Elevation of Privilege Vulnerability in Qualcomm Sound Driver An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8450
Elevation of Privilege Vulnerability in Kernel Security Subsystem An elevation of privilege vulnerability in kernel security subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-7042
Elevation of Privilege Vulnerability in Kernel Performance Subsystem An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0403
Elevation of Privilege Vulnerability in Kernel Sound Subsystem An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0404
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver An elevation of privilege vulnerability in the Qualcomm wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8452
Elevation of Privilege Vulnerability in Qualcomm Radio Driver An elevation of privilege vulnerability in the Qualcomm radio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-5345
Elevation of Privilege Vulnerability in Kernel Profiling Subsystem An elevation of privilege vulnerability in the kernel profiling subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-9754
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8454
CVE-2016-8456
CVE-2016-8457
Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8458
Elevation of Privilege Vulnerabilities in Broadcom Wi-Fi Driver Elevation of privilege vulnerabilities in the Broadcom wi-fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8464
CVE-2016-8465
CVE-2016-8466
Information Disclosure Vulnerabilities in Qualcomm Audio Post Processor Information disclosure vulnerabilities in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. CVE-2017-0399
CVE-2017-0400
CVE-2017-0401
CVE-2017-0402

黑莓安卓系统手机检查系统更新

设置Settings > 关于About > 系统更新System update > 检查更新Check for update.这里

评论列表暂无评论
发表评论
请先 登录 再评论,若不是会员请先 注册