Prime Inspiration

Apple, Gadgets, Android, Microsoft

Latest Blackberry Priv Update Addresses A Security Problem By Upgrading To Newer Android/Linux Kernel

by · Published · Updated

Tags:

BlackBerry Priv
BlackBerry Priv

Blackberry has released an update for their Blackberry Priv smartphone that upgrades it to newer Android/Linux kernel to address a recently discovered security issue. A recent discovery showed that the Android / Linux kernel was vulnerable to a specific attack that grants the attacker locally elevated privileges. According to Blackberry, once you installed this latest update, you “will be fully protected from this vulnerability”.

This advisory addresses an industry-wide elevation of privilege vulnerability that is not currently being exploited against, but affects, BlackBerry® PRIV smartphones. BlackBerry customer risk is limited by the inability of a potential attacker to force exploitation of the vulnerability without customer interaction. Successful exploitation requires an attacker craft a malicious application (app) and that a user install the malicious app. If the requirements are met for exploitation, an attacker could potentially gain locally elevated privileges. After installing the recommended software update, affected customers will be fully protected from this vulnerability.

Vulnerability Information

An elevation of privilege vulnerability exists in the shared Android/Linux kernel used in affected versions of BlackBerry PRIV smartphones. The kernel constitutes the central core of the smartphone’s operating system. 

Successful exploitation of this vulnerability could result in an attacker gaining elevated privileges on the smartphone.

In order to exploit this vulnerability, an attacker must craft a malicious app. The attacker must then persuade a user to download and install the malicious app.

This vulnerability has a Common Vulnerability Scoring System (CVSSv2) score of 6.9. View the linked Common Vulnerability and Exposures (CVE) identifiers for a description of the security issue that this security advisory addresses.

CVE identifier – CVSSv2 score

CVE-2015-1805 – 6.9

Priv owners, who purchased their device from ShopBlackBerry.com, should see the update popping up on their phone. If you are not yet noticing the update, you can head into “Settings”, “About phone” and check manually for the update.

Source: Blackberry

Tags:

Raja Rajan

Raja is obsessed with technology and Cricket for as long as he can remember. Nowadays he work as a freelance developer and writer for PrimeInspiration.com

Help Us Grow

If you like this post, please share it with your friends.

You are free to copy and redistribute this article in any medium or format, as long as you keep the links in the article or provide a link back to this page.

You may also like...

2 Responses

  1. yeye says:
    March 24, 2016 at 4:46 pm

    do they still have users for their phone???