2021-10-01 security patch level vulnerability details
Android runtime
CVE-2021-0703
Framework
CVE-2021-0652
CVE-2021-0705
CVE-2021-0708
- 同上个月公告的CVE-2021-0683,不知道为何又放了一遍
CVE-2020-15358
- sqlite的两个漏洞CVE-2020-15358和CVE-2020-13871
CVE-2021-0702
CVE-2021-0651
CVE-2021-0483
System
CVE-2021-0643
- SubscriptionManager.getAllActiveSubscriptionInfoList接口会泄露ICCID
CVE-2021-0706
- SystemUI中的DISABLE_PLUGIN动态广播接收器添加权限
filter.addAction(Intent.ACTION_PACKAGE_CHANGED);
filter.addAction(Intent.ACTION_PACKAGE_REPLACED);
filter.addAction(Intent.ACTION_PACKAGE_REMOVED);
+ filter.addDataScheme("package");
+ mContext.registerReceiver(this, filter);
filter.addAction(PLUGIN_CHANGED);
filter.addAction(DISABLE_PLUGIN);
filter.addDataScheme("package");
+ mContext.registerReceiver(this, filter, PluginInstanceManager.PLUGIN_PERMISSION, null);
mContext.registerReceiver(this, filter);
filter = new IntentFilter(Intent.ACTION_USER_UNLOCKED);
mContext.registerReceiver(this, filter);
2021-10-05 security patch level vulnerability details
System
CVE-2021-0870