9VSA22-00704-01 CSIRT alerta de nuevas vulnerabilidades en Android
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT de Gobierno, comparte información sobre vulnerabilidades comunicadas por Google para su sistema operativo Android.
Resumen
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT de Gobierno, comparte información sobre vulnerabilidades comunicadas por Google para su sistema operativo Android.
Vulnerabilidades
CVE-2022-22822
CVE-2022-23852
CVE-2022-23990
CVE-2022-25314
CVE-2022-20218
CVE-2022-20392
CVE-2022-20393
CVE-2022-20197
CVE-2022-20395
CVE-2022-20398
CVE-2022-20396
CVE-2022-20399
CVE-2021-4083
CVE-2022-29582
CVE-2021-0697
CVE-2021-0942
CVE-2021-0943
CVE-2022-26447
CVE-2021-0871
CVE-2022-20385
CVE-2022-20386
CVE-2022-20387
CVE-2022-20388
CVE-2022-20389
CVE-2022-20390
CVE-2022-20391
CVE-2022-25708
CVE-2022-22066
CVE-2022-22074
CVE-2022-22081
CVE-2022-22089
CVE-2022-22091
CVE-2022-22092
CVE-2022-22093
CVE-2022-22094
CVE-2022-25669
CVE-2022-25686
CVE-2022-25688
CVE-2022-25690
CVE-2022-25696
CVE-2022-20385
CVE-2022-20386
CVE-2022-20387
CVE-2022-20388
CVE-2022-20389
CVE-2022-20390
CVE-2022-20391
Impacto
Vulnerabilidades de riesgo crítico
CVE-2022-25708: Vulnerabilidad de Qualcomm.
Productos afectados
Dispositivos con sistema Android actualizado con anterioridad al parche 2022-09-01.
Mitigación
Instalar las respectivas actualizaciones entregadas por el proveedor.
Enlaces
https://source.android.com/docs/security/bulletin/2022-09-01
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20218
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4083
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29582
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0697
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0943
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26447
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0871
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22074
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22081
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22089
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22089
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22092
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22094
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25686
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25688
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20391
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA22-00704-01.