Google opublikowało majowy biuletyn bezpieczeństwa systemu Android, w którym zamieszczono poprawki do 44 podatności tego systemu, w tym 7 są krytyczne.

CERT PSE zachęca do zapoznania się lipcowym biuletynem bezpieczeństwa Google Android i stosowanie aktualizacji dostarczanych przez poszczególnych producentów urządzeń.

CVE

Severity

Updated AOSP versions

Framework

CVE-2021-0441

High

11

CVE-2020-0368

High

11

CVE-2021-0486

High

10, 11

Media Framework

CVE-2021-0587

High

8.1, 9, 10, 11

CVE-2021-0601

High

8.1, 9, 10, 11

System

CVE-2020-0417

High

8.1, 9, 10

CVE-2021-0585

High

8.1, 9, 10, 11

CVE-2021-0586

High

8.1, 9, 10, 11

CVE-2021-0589

High

8.1, 9, 10, 11

CVE-2021-0594

High

8.1, 9, 10, 11

CVE-2021-0600

High

8.1, 9, 10, 11

CVE-2021-0602

High

10, 11

CVE-2021-0588

High

8.1, 9

CVE-2021-0590

High

8.1, 9, 10, 11

CVE-2021-0596

High

8.1, 9, 10, 11

CVE-2021-0597

High

8.1, 9, 10, 11

CVE-2021-0599

High

8.1, 9, 10, 11

CVE-2021-0604

High

8.1, 9, 10, 11

CVE-2021-0514

High

8.1, 9, 10, 11

CVE-2021-0515

High

8.1, 9, 10, 11

CVE-2021-0603

High

11

CVE-2021-0518

High

11

 

 

 

 

Google Play system updates

Component

CVE

MediaProvider

CVE-2021-0441

Media Codecs

CVE-2021-0601

Network Stack

CVE-2021-0590

 

 

 

 

CVE

Severity

Component

MediaTek components

CVE-2021-0577

High

flv extractor

Widevine DRM

CVE-2021-0592

Critical

Widevine

Qualcomm components

CVE-2021-1965

Critical

WLAN

CVE-2021-1907

High

WLAN

CVE-2021-1931

High

Bootloader

CVE-2021-1940

High

Kernel

CVE-2021-1943

High

WLAN

CVE-2021-1945

High

WLAN

CVE-2021-1954

High

WLAN

CVE-2021-1955

High

WLAN

CVE-2021-1964

High

WLAN

CVE-2021-1970

High

WLAN

Qualcomm closed-source components

CVE-2020-11307

Critical

Closed-source component

CVE-2021-1886

Critical

Closed-source component

CVE-2021-1888

Critical

Closed-source component

CVE-2021-1889

Critical

Closed-source component

CVE-2021-1890

Critical

Closed-source component

CVE-2021-1938

High

Closed-source component

CVE-2021-1953

High

Closed-source component