ºìÁªLinuxÃÅ»§
Linux°ïÖú

Á½¸ö©¶´¿ÉÈÃÊ®ÒÚ°²×¿ÊÖ»ú±»»ñÈ¡RootȨÏÞ£¿

·¢²¼Ê±¼ä:2016-03-12 09:30:12À´Ô´:ºìÁª×÷Õß:pocheng
Ç÷ÊÆ¿Æ¼¼±¨µÀ£¬ÊýÊ®Òڵݲ׿É豸ÉÏ·¢ÏÖ°²È«Â©¶´£¬¹¥»÷Õß¿Éͨ¹ý¼òµ¥µÄ²Ù×÷»ñÈ¡root·ÃÎÊȨÏÞ¡£

ĿǰÊг¡Éϴ󲿷ֵÄÖÇÄÜÉ豸¶¼ÔÚʹÓÃQualcomm Snapdragon SoCs£¨ÏµÍ³Ð¾Æ¬£©£¬¾Ý¸Ã¹«Ë¾¹ÙÍøÉÏͳ¼Æ£¬Óг¬¹ý10ÒÚµÄÉ豸ʹÓÃSnapdragonоƬ¡£È»¶ø²»ÐÒµÄÊÇ£¬°²È«Ñо¿Ô±ÃÇ·¢ÏÖÊý¸ö°²È«Â©¶´»áÓ°ÏìSnapdragonоƬ£¬¿É±»¹¥»÷Õß»ñÈ¡·ÃÎÊÉ豸µÄrootȨÏÞ¡£

Ç÷ÊÆ¿Æ¼¼ÔÚ·¢ÏÖÕâЩ©¶´Ö®ºó¾ÍÌá½»¸øÁËGoogle£¬²¢ÇÒGoogleÒ²ÒѾ­ÐÞ¸´ÁË¡£µ«ÊÇÓÉÓÚÓ°Ï췶Χ±È½Ï¹ã·º£¬Òƶ¯ÁìÓòºÍÎïÁªÍøÁìÓò¾ùÓÐÉæ¼°£¬ÄÑÃâÓв¿·ÖÓû§Î´Äܼ°Ê±¸üв¹¶¡£¬ËùÒÔÔÚ´ËÌáÐÑÓû§¸üЩ¶´²¹¶¡¡£ÁíÍ⽨Ò鰲׿Óû§ÔÚÏÂÔØÓ¦ÓÃʱһ¶¨Òª´ÓºÏ·¨À´Ô´´¦ÏÂÔØ¡£

Á½Ã¶°²È«Â©¶´Ó°ÏìÊýÒÚ°²×¿ÊÖ»ú

CVE-2016-0819

¸Ã©¶´³öÏÖÔÚÄÚºËÖÐobject±»ÊͷŵÄʱºò£¬ËùÒÔ±»³ÆÖ®ÎªÂß¼­Â©¶´¡£ÆäÖÐÓÐÒ»¸ö½ÚµãÔÚÊÍ·Å֮ǰÒѱ»É¾³ýÁ½´Î¡£Õ⽫»áµ¼ÖÂÊÖ»úÖеÄÐÅϢй¶ºÍUAF£¨ÊÍ·ÅÄÚ´æºóÔÙʹÓã©ÎÊÌâ¡£

CVE-2016-0805

¸Ã©¶´´æÔÚÓÚget_krait_evtinfoº¯ÊýÖС£¸Ãº¯Êý»á·µ»ØÒ»¸öarrayµÄË÷Òý£¬È»¶ø¸Ãº¯ÊýµÄÊä³öÑéÖ¤ÊDz»ÍêÉÆµÄ¡£ËùÒÔ£¬µ±krait_clearpmuºÍkrait_evt_setupº¯Êý·ÃÎÊkrait_functions arrayʱ£¬¾Í»áµ¼ÖÂԽȨ·ÃÎÊ¡£

»ñµÃroot·ÃÎÊȨÏÞ

Èç¹û°²×¿É豸Éϰ²×°ÁËSnapdragonоƬ£¬¹¥»÷ÕßÖ»ÒªÀûÓÃÕâÁ½¸öexp¾ÍÄÜ»ñµÃÉ豸µÄroot·ÃÎÊȨÏÞ¡£¼øÓÚÓÐЩÓû§»¹Ã»Óиüв¹¶¡£¬ÕâÀï²»»áչʾ©¶´µÄÈ«²¿Ï¸½Ú£¬È«²¿Ï¸½Ú½«»áÔÚ2016Äê5Ôµ׳ÊÏÖÔÚHack In the Box°²È«´ó»áÉÏ¡£

ÊÜÓ°ÏìµÄÉ豸

ÊÜCVE-2016-0805Ó°ÏìµÄϵͳ°æ±¾Îª4.4.4--6.0.1£¬²âÊÔ·¢ÏÖÊÜÓ°ÏìµÄÓУ¨½ö²âÊÔ¹ý²¿·ÖÊÖ»ú£©£º

Nexus 5

Nexus 6

Nexus 6P

Samsung Galaxy Note Edge

Äں˰汾Ϊ3.10µÄ°²×¿É豸ҲÊÜÓ°Ïì

* ²Î¿¼À´Ô´£ºsecurityaffairs£¬trendmicro£¬¸åÔ´£ºFreeBufºÚ¿ÍÓ뼫¿Í£¨FreeBuf.COM£©
ÎÄÕÂÆÀÂÛ

¹²ÓÐ 0 ÌõÆÀÂÛ