Google opublikowało grudniowy biuletyn bezpieczeństwa systemu Android, w którym zamieszczono poprawki dla 49 podatności tego systemu, w tym 6 krytycznych.

CERT PSE zachęca do zapoznania się z grudniowym biuletynem bezpieczeństwa Google Android i stosowanie aktualizacji dostarczanych przez poszczególnych producentów urządzeń.

CVE

Severity Updated AOSP versions

Framework

CVE-2021-0955

High 11
CVE-2021-0970 High

9, 10, 11, 12

CVE-2021-0704

High 9, 10, 11

Media Framework

CVE-2021-0967

High 10, 11, 12
Critical

9

CVE-2021-0971

High 9, 10, 11, 12
CVE-2021-0964 High

9, 10, 11, 12

System

CVE-2021-0968 Critical

9, 10, 11, 12

CVE-2021-0956

Critical 11, 12
CVE-2021-0953 High

9, 10, 11, 12

CVE-2021-0954

High 10, 11
CVE-2021-0963 High

9, 10, 11, 12

CVE-2021-0965

High 9, 10, 11, 12
CVE-2021-0952 High

9, 10, 11, 12

CVE-2021-0966

High 11, 12
CVE-2021-0958 Moderate

11, 12

CVE-2021-0969

Moderate

10, 11

CVE

Severity Component

Kernel components

CVE-2021-33909

High Filesystem
CVE-2021-38204 High

USB

CVE-2021-0961

Moderate netfilter

MediaTek components

CVE-2021-0675

High alac decoder
CVE-2021-0904 High

SRAMROM

Qualcomm components

CVE-2021-30262 High

Modem

CVE-2021-30335

High Kernel
CVE-2021-30337 High

Kernel

Qualcomm closed-source components

CVE-2021-30275 Critical

Closed-source component

CVE-2021-30276

Critical Closed-source component
CVE-2021-30351 Critical

Closed-source component

CVE-2020-11263

High Closed-source component
CVE-2021-1894 High

Closed-source component

CVE-2021-1918

High Closed-source component
CVE-2021-30267 High

Closed-source component

CVE-2021-30268

High Closed-source component
CVE-2021-30269 High

Closed-source component

CVE-2021-30270

High Closed-source component
CVE-2021-30271 High

Closed-source component

CVE-2021-30272

High Closed-source component
CVE-2021-30273 High

Closed-source component

CVE-2021-30274

High Closed-source component
CVE-2021-30278 High

Closed-source component

CVE-2021-30279

High Closed-source component
CVE-2021-30282 High

Closed-source component

CVE-2021-30283

High Closed-source component
CVE-2021-30289 High

Closed-source component

CVE-2021-30293

High Closed-source component
CVE-2021-30303 High

Closed-source component

CVE-2021-30336

High

Closed-source component

Google Play system updates

Component

CVE

Media Codecs

CVE-2021-0964
Media Codecs, Media Framework components

CVE-2021-0967