• March Security Patch Update Being Pushed To Priv Devices On Rogers, Bell & Telus


    After its initial availability to ShopBlackBerry devices, Priv users on Rogers, Telus & Bell started receiving a 17.2MB update for their beloved Android-powered device this afternoon, updating their device to Build AAE016.

    Did you receive an update to Build AAE016? Notice any changes? Let us know in the comments below!

    Update (03/07/2016):
    The following vulnerabilities have been remediated in this update:

    Summary Description CVE
    Remote Code Execution Vulnerability in Mediaserver During media file and data processing of a specially crafted file, a vulnerability in mediaserver could allow an attacker to cause memory corruption and remote code execution as the mediaserver process.
    The affected functionality is provided as a core part of the operating system and there are multiple applications that allow it to be reached with remote content, most notably MMS and browser playback of media.
    CVE-2016-0815
    Remote Code Execution Vulnerabilities in libvpx There are multiple vulnerabilities in libvpx that could allow remote code execution in the privileged process mediaserver. CVE-2016-1621
    Elevation of Privilege Vulnerability in Conscrypt An elevation of privilege vulnerability in the Conscrypt component can enable a man in the middle to intercept, manipulate, and inject arbitrary content on an encrypted communication leading to remote code execution. CVE-2016-0818
    Elevation of Privilege Vulnerability in Keyring Component An elevation of privilege vulnerability in the Kernel Keyring Component can enable a local malicious application to execute arbitrary code within the kernel. CVE-2016-0728
    Mitigation Bypass Vulnerability in the Kernel A mitigation bypass vulnerability in the kernel can permit a bypass of security measures in place to increase the difficulty of attackers exploiting the platform. CVE-2016-0821
    Information Disclosure Vulnerability in Kernel An information disclosure vulnerability in the kernel can permit a bypass of security measures in place to increase the difficulty of attackers exploiting the platform. CVE-2016-0823
    Elevation of Privilege Vulnerabilities in Mediaserver Elevation of privilege vulnerabilities in mediaserver can enable a local malicious application to execute arbitrary code within the context of an elevated system application. CVE-2016-0826
    CVE-2016-0827
    Information Disclosure Vulnerabilities in Mediaserver Information disclosure vulnerabilities in mediaserver can permit a bypass of security measures in place to increase the difficulty of attackers exploiting the platform. CVE-2016-0828
    CVE-2016-0829
    Information Disclosure Vulnerability in Telephony An information disclosure vulnerability in the Telephony component could allow an application to access sensitive information. CVE-2016-0831
    Elevation of Privilege Vulnerability in Setup Wizard A vulnerability in the Setup Wizard could enable an attacker who had physical access to the device to gain access to device settings and perform a manual device reset. CVE-2016-0832


    comments powered by Disqus
  • Recent Comments

  • Most Commented

    The most commented articles on BlackBerryOS over the past 24 hours.
  • Recent Forum Posts

    tarynjames

    BBM

    Is there anyway that i can change bbm on my blackberry passport to the bbm version on android phones.....my mum has a samsung and i much prefer the bbm

    tarynjames 08-17-2017, 04:13 AM Go to last post
    tarynjames

    BBM feeds not working

    i have a blackberry passport and i swiped the phone. i have been using bbm fine for a few weeks but now all of a sudden, only peoples status's are changing

    tarynjames 08-17-2017, 04:13 AM Go to last post
    Absinthe

    How-To Recover A Nuked Blackberry - with Pictures

    Hi - If I do this, is all my data (schedule, phone book) lost? Can it be salvaged?

    Absinthe 08-16-2017, 10:31 AM Go to last post
    tarynjames

    BBM

    Is there anyway that i can change bbm on my blackberry to the bbm version on android phones.....my mum has a samsung and i much prefer the bbm on her

    tarynjames 08-16-2017, 05:09 AM Go to last post
    tarynjames

    BBM feeds not working

    i have a blackberry passport and i swiped the phone. i have been using bbm fine for a few weeks but now all of a sudden, only peoples status's are changing

    tarynjames 08-16-2017, 05:07 AM Go to last post
  • BlackBerryOS.com Weekly Poll

    WILL YOU BE PURCHASING THE ANDROID POWERED BLACKBERRY NEON/DTEK50? (Votes: 38)

    1. Yes (Votes: 17)

    2. No (Votes: 17)

    3. Undecided (Votes: 4)