BlackBerry powered by Android security bulletin – April 2016

Number: AV16-058
Date: 6 April 2016

Purpose

The purpose of this advisory is to bring attention to a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones.

Assessment

The Blackberry powered by Android Security Bulletin addresses a security update for 26 vulnerabilities that could potentially enable remote code execution, elevation of privilege and data access on affected devices.

CVE References: CVE-2015-1805, CVE-2016-0837, CVE-2016-0838,  CVE-2016-0841, CVE-2016-0844, CVE-2016-0846, CVE-2016-0847, CVE-2016-0848, CVE-2016-0849, CVE-2016-0850, CVE-2016-1503, CVE-2016-2410, CVE-2016-2411, CVE-2016-2412,CVE-2016-2413, CVE-2016-2414, CVE-2016-2415, CVE-2016-2416, CVE-2016-2417, CVE-2016-2421, CVE-2016-2422, CVE-2016-2423, CVE-2016-2424, CVE-2016-2426, CVE-2016-2427

Suggested Action

An updated software version is available immediately for BlackBerry Powered by Android smartphones that have been purchased from ShopBlackBerry.com. The updated software version can be identified with the build ID ‘Build AAE298’. If your devices were purchased from a source other than ShopBlackBerry.com, contact that retailer or carrier directly for security maintenance release availability AvailabilityThe ability for the right people to access the right information or systems when needed. Availability is applied to information assets, software, and hardware (infrastructure and its components). Implied in its definition is that availability includes the protection of assets from unauthorized access and compromise. information.

References:

http://support.blackberry.com/kb/articleDetail?articleNumber=000038099

Date modified: