News

Published on July 3rd, 2019 📆 | 4253 Views ⚑

0

Android Security Update with the Fixes for 33 Vulnerabilities


iSpeech.org

Android Security Update – Critical Vulnerabilities Let Hackers Control Your Android Phone Remotely

Android released new security updates and fixed several vulnerabilities that affected Android devices, and Android partners are notified of all issues.

Android fixed 33 vulnerabilities, in which, 9 vulnerabilities categorized under critical severity and rest of the 24 vulnerabilities are patched under “high” severity.

According to Android release notes, “The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed. “

The Vulnerabilities that patched in this update affected various Android components including framework, media framework, library, Qualcomm and its closed-source components.

A critical vulnerability in system and Media Framework let a remote attacker execute the specially crafted file to execute arbitrary code within the context of a privileged process.

 The July Android security updates are also rolling out to the Google Pixel, Pixel XL, and Essential Phone.

Android Security Update

Framework

CVE References Type Severity Updated AOSP versions
CVE-2019-2104 A-131356202 [2] [3] [4] [5] [6] [7] ID High 8.0, 8.1, 9

Library

CVE References Type Severity Updated AOSP versions
CVE-2019-2105 A-116114182 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9

Media Framework

CVE References Type Severity Updated AOSP versions
CVE-2019-2106 A-130023983 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2107 A-130024844 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2109 A-130651570* RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1

System

CVE References Type Severity Updated AOSP versions
CVE-2019-2111 A-122856181 [2] RCE Critical 9
CVE-2019-2112 A-117997080 EoP High 8.0, 8.1, 9
CVE-2019-2113 A-122597079* EoP High 9
CVE-2019-2116 A-117105007 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2117 A-124107808 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2118 A-130161842 ID High 8.0, 8.1, 9
CVE-2019-2119 A-131622568 ID High 8.0, 8.1, 9

Qualcomm components

Qualcomm closed-source components

CVE References Type Severity Component
CVE-2019-2254 A-122473972* N/A Critical Closed-source component
CVE-2019-2322 A-129766496* N/A Critical Closed-source component
CVE-2019-2327 A-129766125* N/A Critical Closed-source component
CVE-2019-2235 A-122473271* N/A High Closed-source component
CVE-2019-2236 A-122474808* N/A High Closed-source component
CVE-2019-2237 A-122472479* N/A High Closed-source component
CVE-2019-2238 A-122473168* N/A High Closed-source component
CVE-2019-2239 A-122473304* N/A High Closed-source component
CVE-2019-2240 A-122473496* N/A High Closed-source component
CVE-2019-2241 A-122473989* N/A High Closed-source component
CVE-2019-2253 A-129766432* N/A High Closed-source component
CVE-2019-2334 A-129766099* N/A High Closed-source component
CVE-2019-2346 A-129766299* N/A High Closed-source component

All the Android users are requested to update your phone immediately to apply the latest Android security patch.





To learn how to check a device’s security patch level, see Check and update your Android version.

You can follow us on Linkedin, TwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Also Read:

50,000 times Downloaded Android Horror Game from GooglePlay Steals Google and Facebook Login Credentials

New ViceLeaker Malware Attack on Android Devices With Backdoor Capabilities to Hijack Camera, Record Audio

Hackers Take Complete Control of Your Android Device by Launching MobOk Malware via Fake Photo Editing Apps in Google Play



Source link

Tagged with:



Comments are closed.






© Torchsec  Privacy Policy Disclaimer  T&C



Back to Top ↑