Google opublikowało listopadowy biuletyn bezpieczeństwa systemu Android, w którym zamieszczono poprawki do 30 podatności tego systemu, w tym 4 jest krytycznych.

CERT PSE zachęca do zapoznania się z listopadowym biuletynem bezpieczeństwa Google Android i stosowanie aktualizacji dostarczanych przez poszczególnych producentów urządzeń.

Google Play system updates

CVE

Component

CVE-2020-0418

Permission Controller
CVE-2020-0451

Media Codecs

CVE-2020-0424

DNS Resolver

CVE

Severity Updated AOSP versions

Android runtime

CVE-2020-0409

High 8.0, 8.1, 9, 10

Framework

CVE-2020-0441

Critical 8.0, 8.1, 9, 10, 11
CVE-2020-0442 Critical

8.0, 8.1, 9, 10, 11

CVE-2020-0418

High 10
CVE-2020-0439 High

8.0, 8.1, 9, 10, 11

CVE-2020-0454

High 9
CVE-2020-0443 High

8.0, 8.1, 9, 10, 11

System

CVE-2020-0449 Critical

8.0, 8.1, 9, 10, 11

CVE-2020-12856

High 8.0, 8.1, 9, 10, 11
CVE-2020-0424 High

9, 10, 11

CVE-2020-0448

High 8.0, 8.1, 9, 10, 11
CVE-2020-0450 High

8.0, 8.1, 9, 10, 11

CVE-2020-0453

High 8.0, 8.1, 9
CVE-2020-0437 High

8.0, 8.1, 9, 10, 11

CVE

Severity Component

MediaTek

CVE-2020-0445

High video encoder
CVE-2020-0446 High

video decoder

CVE-2020-0447

High ptp3

Qualcomm closed-source components

CVE-2020-3639

Critical Closed-source component
CVE-2020-3632 High

Closed-source component

CVE-2020-11123

High Closed-source component
CVE-2020-11127 High

Closed-source component

CVE-2020-11168

High Closed-source component
CVE-2020-11175 High

Closed-source component

CVE-2020-11184

High Closed-source component
CVE-2020-11193 High

Closed-source component

CVE-2020-11196

High Closed-source component
CVE-2020-11205 High

Closed-source component