9VSA22-00704-01 CSIRT alerta de nuevas vulnerabilidades en Android

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT de Gobierno, comparte información sobre vulnerabilidades comunicadas por Google para su sistema operativo Android.

Vulnerabilidades

CVE-2022-22822

CVE-2022-23852

CVE-2022-23990

CVE-2022-25314

CVE-2022-20218

CVE-2022-20392

CVE-2022-20393

CVE-2022-20197

CVE-2022-20395

CVE-2022-20398

CVE-2022-20396

CVE-2022-20399

CVE-2021-4083

CVE-2022-29582

CVE-2021-0697

CVE-2021-0942

CVE-2021-0943

CVE-2022-26447

CVE-2021-0871

CVE-2022-20385

CVE-2022-20386

CVE-2022-20387

CVE-2022-20388

CVE-2022-20389

CVE-2022-20390

CVE-2022-20391

CVE-2022-25708

CVE-2022-22066

CVE-2022-22074

CVE-2022-22081

CVE-2022-22089

CVE-2022-22091

CVE-2022-22092

CVE-2022-22093

CVE-2022-22094

CVE-2022-25669

CVE-2022-25686

CVE-2022-25688

CVE-2022-25690

CVE-2022-25696

CVE-2022-20385

CVE-2022-20386

CVE-2022-20387

CVE-2022-20388

CVE-2022-20389

CVE-2022-20390

CVE-2022-20391

Impacto

Vulnerabilidades de riesgo crítico

CVE-2022-25708: Vulnerabilidad de Qualcomm.

Productos afectados

Dispositivos con sistema Android actualizado con anterioridad al parche 2022-09-01.

Mitigación

Instalar las respectivas actualizaciones entregadas por el proveedor.

Enlaces

https://source.android.com/docs/security/bulletin/2022-09-01

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20218

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20392

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20393

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20197

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20395

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20398

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20396

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20399

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4083

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29582

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0697

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0942

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0943

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26447

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0871

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20385

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20386

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20387

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20388

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20389

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20390

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20391

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25708

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22066

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22074

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22081

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22089

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22089

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22092

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22093

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22094

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25669

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25686

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25688

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25690

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25696

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20385

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20386

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20387

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20388

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20389

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20390

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20391

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA22-00704-01.

9VSA22-00704-01 CSIRT alerta de nuevas vulnerabilidades en Android