Google opublikowało majowy biuletyn bezpieczeństwa systemu Android, w którym zamieszczono poprawki do 44 podatności tego systemu, w tym 7 są krytyczne.
CERT PSE zachęca do zapoznania się lipcowym biuletynem bezpieczeństwa Google Android i stosowanie aktualizacji dostarczanych przez poszczególnych producentów urządzeń.
CVE |
Severity |
Updated AOSP versions |
Framework |
||
CVE-2021-0441 |
High |
11 |
CVE-2020-0368 |
High |
11 |
CVE-2021-0486 |
High |
10, 11 |
Media Framework |
||
CVE-2021-0587 |
High |
8.1, 9, 10, 11 |
CVE-2021-0601 |
High |
8.1, 9, 10, 11 |
System |
||
CVE-2020-0417 |
High |
8.1, 9, 10 |
CVE-2021-0585 |
High |
8.1, 9, 10, 11 |
CVE-2021-0586 |
High |
8.1, 9, 10, 11 |
CVE-2021-0589 |
High |
8.1, 9, 10, 11 |
CVE-2021-0594 |
High |
8.1, 9, 10, 11 |
CVE-2021-0600 |
High |
8.1, 9, 10, 11 |
CVE-2021-0602 |
High |
10, 11 |
CVE-2021-0588 |
High |
8.1, 9 |
CVE-2021-0590 |
High |
8.1, 9, 10, 11 |
CVE-2021-0596 |
High |
8.1, 9, 10, 11 |
CVE-2021-0597 |
High |
8.1, 9, 10, 11 |
CVE-2021-0599 |
High |
8.1, 9, 10, 11 |
CVE-2021-0604 |
High |
8.1, 9, 10, 11 |
CVE-2021-0514 |
High |
8.1, 9, 10, 11 |
CVE-2021-0515 |
High |
8.1, 9, 10, 11 |
CVE-2021-0603 |
High |
11 |
CVE-2021-0518 |
High |
11 |
Google Play system updates |
|
Component |
CVE |
MediaProvider |
CVE-2021-0441 |
Media Codecs |
CVE-2021-0601 |
Network Stack |
CVE-2021-0590 |
CVE |
Severity |
Component |
MediaTek components |
||
CVE-2021-0577 |
High |
flv extractor |
Widevine DRM |
||
CVE-2021-0592 |
Critical |
Widevine |
Qualcomm components |
||
CVE-2021-1965 |
Critical |
WLAN |
CVE-2021-1907 |
High |
WLAN |
CVE-2021-1931 |
High |
Bootloader |
CVE-2021-1940 |
High |
Kernel |
CVE-2021-1943 |
High |
WLAN |
CVE-2021-1945 |
High |
WLAN |
CVE-2021-1954 |
High |
WLAN |
CVE-2021-1955 |
High |
WLAN |
CVE-2021-1964 |
High |
WLAN |
CVE-2021-1970 |
High |
WLAN |
Qualcomm closed-source components |
||
CVE-2020-11307 |
Critical |
Closed-source component |
CVE-2021-1886 |
Critical |
Closed-source component |
CVE-2021-1888 |
Critical |
Closed-source component |
CVE-2021-1889 |
Critical |
Closed-source component |
CVE-2021-1890 |
Critical |
Closed-source component |
CVE-2021-1938 |
High |
Closed-source component |
CVE-2021-1953 |
High |
Closed-source component |