|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2017-04-04 15:17:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Android Security Bulletin—April 2017
The April Android Security Bulletin provides a discouragingly long list of vulnerabilities fixed in the latest update (for those with devices sufficiently well supported to receive them). "The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files." There's also a fix for CVE-2016-10229, which is a remotely exploitable vulnerability in the UDP stack that was fixed in the 4.5 and 4.4.21 kernels. Those kernels were not vulnerable as the result of other work, but older kernels with backported fixes (Android kernels, for example) were.
The April Android Security Bulletin provides a discouragingly long list of vulnerabilities fixed in the latest update (for those with devices sufficiently well supported to receive them). "The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files." There's also a fix for CVE-2016-10229, which is a remotely exploitable vulnerability in the UDP stack that was fixed in the 4.5 and 4.4.21 kernels. Those kernels were not vulnerable as the result of other work, but older kernels with backported fixes (Android kernels, for example) were.
