Motorola Community

motorola one Phonesmotorola one vision
All Forum Topics
Options

31 Posts

05-27-2019

SE

183 Signins

1372 Page Views

  • Posts: 31
  • Registered: ‎05-27-2019
  • Location: SE
  • Views: 1372
  • Message 1 of 3

Motorola Security Site not updated for 2020?

2020-02-20, 16:15 PM

This isn't specific for One Vision but I didn't find any "general" forum part to post it in, and since I have a One Vision I'll post it here.

Will this site ever be updated to include the 2020 security patch updates?

Welcome to the Motorola Security Site

All I can find is what's included in the 2019 security patch updates.

 

Reply
Options

6 Posts

02-05-2020

AT

16 Signins

25 Page Views

  • Posts: 6
  • Registered: ‎02-05-2020
  • Location: AT
  • Views: 25
  • Message 2 of 3

Re: Motorola Security Site not updated for 2020?

2020-02-20, 18:25 PM

Information to all fixes and in which security patch level they're included can also be found here: https://source.android.com/security/bulletin

Reply
Options

31 Posts

05-27-2019

SE

183 Signins

1372 Page Views

  • Posts: 31
  • Registered: ‎05-27-2019
  • Location: SE
  • Views: 1372
  • Message 3 of 3

Re: Motorola Security Site not updated for 2020?

2020-02-20, 21:00 PM

Yes I know about that. It's just that I thought that what's showing on moto's site is the patches included for this specific device.

But I guess that's not the case here.

The security patched when selecting one vision goes back to January 2019 while the device was released mid May so it doesn't even seem to be device specific even when a specific device is selected. :smileysurprised:

 

I mean it's obvious that we won't have the "Qualcomm components" and "Qualcomm closed-source components" fixes since we have an Exynos device, but instead I'd expect some security updates for Exynos 9609/9610 soc from Samsung to be included if there is any such thing released from Samsung.

As an example I can see on samsung security:

SVE-2019-15873: Arbitrary memory read/write vulnerability in Widevine Trustlet

Severity: High
Affected Versions: O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets
Reported on: October 11, 2019
Disclosure status: Privately disclosed.
A vulnerability caused by missing checks of memory address accessin Widevine trustlet allows arbitrary memory read and write from non-secure memory.
The patch adds proper range check of accessible memory.

SVE-2019-16293: Kernel pointer leak in vipx driver

Severity: Moderate
Affected Versions: P(9.0), Q(10.0) devices with Exynos 9610 chipset
Reported on: November 27, 2019
Disclosure status: Privately disclosed.
A kernel pointer leak vulnerability exists in vipx driver.
The patch restricts triggering of vipx driver.

And I see exynos-vipx & exynos-vipx-vertex drivers in our device so I got curious.

I just wanted to know if security patches from samsung is ever included on this device, if even applicable.

 

Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save