‫ Google Nexus Multiple Vulnerabilities


ID: IRCAD2015104108

Release Date: 2015-10-09

Software:

Google Nexus

Description:

Some vulnerabilities have been reported in Google Nexus, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable device.

1) An error within libstagefright can be exploited to execute arbitrary code.

2) Another error within libstagefright can be exploited to execute arbitrary code.

3) Another error within libstagefright can be exploited to execute arbitrary code.

4) Another error within libstagefright can be exploited to execute arbitrary code.

5) Another error within libstagefright can be exploited to execute arbitrary code.

6) Another error within libstagefright can be exploited to execute arbitrary code.

7) Another error within libstagefright can be exploited to execute arbitrary code.

8) Another error within libstagefright can be exploited to execute arbitrary code.

9) Another error within libstagefright can be exploited to execute arbitrary code.

10) Another error within libstagefright can be exploited to execute arbitrary code.

11) Another error within libstagefright can be exploited to execute arbitrary code.

12) Another error within libstagefright can be exploited to execute arbitrary code.

13) Another error within libstagefright can be exploited to execute arbitrary code.

14) Another error within libstagefright can be exploited to execute arbitrary code.

15) Some errors within Sonivox can be exploited to execute arbitrary code.

16) An error within libutils can be exploited to execute arbitrary code.

17) Another error within libutils can be exploited to execute arbitrary code.

18) An error within Skia can be exploited to execute arbitrary code.

19) An error within libFLAC can be exploited to execute arbitrary code.

20) An error related to KeyStore can be exploited to bypass certain security restrictions. No further information is currently available.

21) An error related to Media Player Framework can be exploited to bypass certain security restrictions. No further information is currently available.

22) An error related to Android Runtime can be exploited to bypass certain security restrictions. No further information is currently available.

23) An error related to Mediaserver can be exploited to bypass certain security restrictions. No further information is currently available.

24) An error related to Secure Element Evaluation Kit can be exploited to bypass certain security restrictions. No further information is currently available.

The vulnerabilities are reported in Google Nexus devices running versions prior to build LMY48T.

Solution

Update to build LMY48T or later.

References:

https://groups.google.com/forum/#!topic/android-security-updates/iv1BF0f0XY4

Secunia:

https://secunia.com/advisories/66668/

 

 

 


نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 20 مهر 1394

امتیاز

امتیاز شما
تعداد امتیازها:0