Google、Androidセキュリティーパッチ2023年3月分を案内!Pixel 4a以降はソフトウェア更新が提供開始。Pixel 7・7 ProはデュアルeSIMに対応
 |
| GoogleがAndroid向けセキュリティーパッチ2023年3月分を案内! |
Googleは6日(現地時間)、スマートフォン(スマホ)など向けプラットフォーム「Android」における月次セキュリティーパッチの2023年3月分を告示しています。またGoogleは13日(現地時間)、同社が開発・販売するスマホ「Pixel」ブランドのスマホにおいて2023年3月分のソフトウェア更新を同日より提供開始しており、来週にかけて順次提供されるとのこと。
更新後のビルド番号はカナダ向けのPixel 4aが「TQ1A.230205.001.B2」、オーストラリアのTelstra向けのPixel 7とPixel 7 Proが「TQ1A.230205.001.A2」、アメリカのT-MobileとGoogle Fi向けの全機種が「TQ1A.230205.001.D2」、日本を含むそれ以外が「TQ1A.230205.002」となっています。なお、このソフトウェア更新にはセキュリティーパッチのほか、すでに紹介しているようにPixelスマホやスマートウォッチ「Pixel Watch」向けの新機能新機能「Pixel Feature Drop」の第11弾(2023年3月分)も含まれています。
さらに非常に多くの不具合修正や機能改善が含まれており、Pixel 7やPixel 7 ProではeSIMを2つ設定したデュアルSIMデュアルスタンバイ(DSDS)に対応したり、Pixel 7やPixel 7 Proにて特定の状況での指紋認識と応答速度をより改善したり、ソフトウェア更新後にアプリ固有のバッテリー制限設定がリセットされることがある問題などが修正されていたりするいうことです。
Pixelシリーズにはセキュリティーパッチや不具合を修正するソフトウェア更新が毎月提供されており、今月分のセキュリティーパッチはAndroid向けではCriticalが4個、Highが52個、分類なしが5個の合計61個、Pixel向けではCriticalが7個、Highが5個、Moderateが108個の合計120個となっています。またセキュリティー更新以外のPixelシリーズにおける更新内容は以下の通り。
なお、Pixel 7やPixel 7 Proなどを販売するKDDIおよび沖縄セルラー電話の携帯電話サービス「au」やソフトバンクの携帯電話サービス「SoftBank」でもそれぞれソフトウェア更新の提供開始をお知らせしており、auでは更新ファイルサイズと更新時間はPixel 7 Proが約470MB〜2.3GBと約40分、Pixel 7が約460MB〜2.3GBと約40分、Pixel 5が約260MB〜1.9GBと約40分となっており、現時点ではGoogleと同様にPixel 6シリーズについての案内はないため、まだ配信開始されていないようです。
What’s included
In addition to new features, the March 2023 software update for Pixel devices includes several fixes and improvements across several areas, including device stability, connectivity, performance and more - see below for some notable improvements.
Apps
- Fix for issue causing Live Translate feature to prompt for translation too frequently in certain apps *[1]
- Fix for issue occasionally keeping display on while certain app activities are active
- Fix for issue occasionally preventing screenshots from being captured in certain apps
- Fix for issue occasionally preventing Wallpaper & style settings to open
- Battery & Charging
- Fix for issue occasionally causing app-specific battery restriction settings to be reset after a software update
- Fix for issue occasionally preventing Battery Share from charging certain devices or accessories *[2]
- General improvements for charging, battery usage or performance in certain conditions *[1]
- General improvements for wireless charging stability or performance in certain conditions *[2]
Biometrics
- Additional improvements for fingerprint recognition and response in certain conditions *[1]
Bluetooth
- Fix for issue occasionally preventing Android Auto to connect wirelessly with certain vehicle head units
- Improvements for connection stability with certain Bluetooth LE headsets or accessories
Camera
- General improvements for camera stability and performance in certain conditions *[1]
- Improvements for color accuracy or exposure level while using the front camera in certain conditions *[3]
Display & Graphics
- Fix for issue occasionally causing display flicker or artifacts in certain apps or conditions *[1]
- Fix for issue occasionally causing instability or playback errors with certain media apps or content *[1]
- Fix for issue occasionally causing video preview to flicker in certain apps *[1]
Framework
- Fix for issue occasionally preventing keyboard from displaying in certain apps or conditions
Sensors
- Additional tuning for haptics intensity and response in certain conditions *[4]
- General improvements for adaptive brightness response in certain conditions
System
- Fix for issue preventing device bootloader from being unlocked in certain conditions *[4]
- Fix for issue preventing device from booting to Android in certain conditions *[4]
- General improvements for system stability and performance in certain conditions
- Kernel updates to 4.14.295 *[5], 4.19.261 *[6], 5.10.149 *[1]
Telephony
- General improvements for network connection stability and performance in certain conditions
Touch
- General improvements for touch response and performance in certain conditions *[3]
User Interface
- Fix for issue causing certain on-device search results to launch apps in work profile
- Fix for issue causing certain text entries in Battery Usage settings to overlap each other while scrolling
- Fix for issue causing home screen UI to appear blurred in certain conditions
- Fix for issue causing lag or delay with switching between apps while third-party launcher apps are in use
- Fix for issue occasionally causing inner launcher icons to appear clipped after closing a folder
- Fix for issue occasionally causing input text to overlap inside search bar
- Fix for issue occasionally causing media player notification to appear cut off or trimmed
- Fix for issue occasionally causing navigation UI to display over Assistant interface
- Fix for issue occasionally causing notification drawer to appear empty or blank
- Fix for issue occasionally causing Overview screen panels to display over home screen
- Fix for issue occasionally causing Quick Settings tiles to be activated while menu is not pulled down
- Fix for issue occasionally causing screen unlock to overlap with notifications, home screen or other UI elements
- Fix for issue occasionally causing silent mode icon to appear hidden or missing from status bar
- Fix for issue occasionally preventing app icon size to scale correctly when changing display size
- Fix for issue occasionally preventing screenshot sharing or editing to work when tapping overlay buttons
- Fix for issue preventing haptic feedback when interacting with notification drawer in certain conditions
- General improvements for performance in certain UI transitions and animations
- Improvements for home screen icon behavior when switching between different grid sizes
- Improvements for status bar layout and response in certain device orientations
Wi-Fi
- General improvements for Wi-Fi network connection stability & performance in certain conditions
- Improvements for connection stability with certain Wi-Fi 6E-capable routers or networks *[1]
---------------------------------------------------------------
Device Applicability
Fixes are available for all supported Pixel devices unless otherwise indicated below.
*[1] Included on Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro
*[2] Included on Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro
*[3] Included on Pixel 7, Pixel 7 Pro
*[4] Included on Pixel 6a
*[5] Included on Pixel 4a
*[6] Included on Pixel 4a (5G), Pixel 5, Pixel 5a (5G)
| CVE | Severity | Component | Subcomponent/Type | Updated AOSP versions |
| CVE-2023-20906 | High | Framework | EoP | 11、12、12L、13 |
| CVE-2023-20911 | High | Framework | EoP | 11、12、12L、13 |
| CVE-2023-20917 | High | Framework | EoP | 11、12、12L、13 |
| CVE-2023-20947 | High | Framework | EoP | 12、12L、13 |
| CVE-2023-20963 | High | Framework | EoP | 11、12、12L、13 |
| CVE-2023-20956 | High | Framework | ID | 12、12L、13 |
| CVE-2023-20958 | High | Framework | ID | 13 |
| CVE-2023-20964 | High | Framework | DoS | 12、12L、13 |
| CVE-2023-20951 | Critical | System | RCE | 11、12、12L、13 |
| CVE-2023-20954 | Critical | System | RCE | 11、12、12L、13 |
| CVE-2023-20926 | High | System | EoP | 12、12L、13 |
| CVE-2023-20931 | High | System | EoP | 11、12、12L、13 |
| CVE-2023-20936 | High | System | EoP | 11、12、12L、13 |
| CVE-2023-20953 | High | System | EoP | 13 |
| CVE-2023-20955 | High | System | EoP | 11、12、12L、13 |
| CVE-2023-20957 | High | System | EoP | 11、12、12L |
| CVE-2023-20959 | High | System | EoP | 13 |
| CVE-2023-20960 | High | System | EoP | 12L、13 |
| CVE-2023-20966 | High | System | EoP | 11、12、12L、13 |
| CVE-2022-4452 | High | System | ID | 13 |
| CVE-2022-20467 | High | System | ID | 11、12、12L、13 |
| CVE-2023-20929 | High | System | ID | 13 |
| CVE-2023-20952 | High | System | ID | 11、12、12L、13 |
| CVE-2023-20962 | High | System | ID | 13 |
| CVE-2022-20499 | High | System | DoS | 12、12L、13 |
| CVE-2023-20910 | High | System | DoS | 11、12、12L、13 |
| CVE-2023-20956 | ー | Google Play system updates | Media Codecs | ー |
| CVE-2023-20947 | ー | Google Play system updates | Permission Controller | ー |
| CVE-2023-20929 | ー | Google Play system updates | Tethering | ー |
| CVE-2022-20499 | ー | Google Play system updates | WiFi | ー |
| CVE-2023-20910 | ー | Google Play system updates | WiFi | ー |
| CVE-2021-33655 | High | Kernel | EoP/Frame Buffer | ー |
| CVE-2023-20620 | High | MediaTek components | adsp | ー |
| CVE-2023-20621 | High | MediaTek components | tinysys | ー |
| CVE-2023-20623 | High | MediaTek components | ion | ー |
| CVE-2022-47459 | High | Unisoc components | Kernel | ー |
| CVE-2022-47461 | High | Unisoc components | system | ー |
| CVE-2022-47462 | High | Unisoc components | system | ー |
| CVE-2022-47460 | High | Unisoc components | Kernel | ー |
| CVE-2022-22075 | High | Qualcomm components | Display | ー |
| CVE-2022-40537 | High | Qualcomm components | Bluetooth | ー |
| CVE-2022-40540 | High | Qualcomm components | Kernel | ー |
| CVE-2022-33213 | Critical | Qualcomm components | Closed-source component | ー |
| CVE-2022-33256 | Critical | Qualcomm components | Closed-source component | ー |
| CVE-2022-25655 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-25694 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-25705 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-25709 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33242 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33244 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33250 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33254 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33272 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33278 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-33309 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-40515 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-40527 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-40530 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-40531 | High | Qualcomm components | Closed-source component | ー |
| CVE-2022-40535 | High | Qualcomm components | Closed-source component | ー |
| CVE | Severity | Component | Subcomponent/Type | Updated AOSP versions |
| CVE-2023-21000 | Moderate | Framework | RCE | 13 |
| CVE-2022-20532 | Moderate | Framework | EoP | 13 |
| CVE-2022-20542 | Moderate | Framework | EoP | 13 |
| CVE-2023-20971 | Moderate | Framework | EoP | 13 |
| CVE-2023-20993 | Moderate | Framework | EoP | 13 |
| CVE-2023-21017 | Moderate | Framework | EoP | 13 |
| CVE-2023-21028 | Moderate | Framework | ID | 13 |
| CVE-2023-21029 | Moderate | Framework | ID | 13 |
| CVE-2023-21031 | Moderate | Framework | ID | 13 |
| CVE-2023-20996 | Moderate | Framework | DoS | 13 |
| CVE-2023-20997 | Moderate | Framework | DoS | 13 |
| CVE-2023-20998 | Moderate | Framework | DoS | 13 |
| CVE-2023-20999 | Moderate | Framework | DoS | 13 |
| CVE-2023-21026 | Moderate | Framework | DoS | 13 |
| CVE-2023-20975 | Moderate | System | EoP | 13 |
| CVE-2023-20976 | Moderate | System | EoP | 13 |
| CVE-2023-20985 | Moderate | System | EoP | 13 |
| CVE-2023-20994 | Moderate | System | EoP | 13 |
| CVE-2023-20995 | Moderate | System | EoP | 13 |
| CVE-2023-21001 | Moderate | System | EoP | 13 |
| CVE-2023-21002 | Moderate | System | EoP | 13 |
| CVE-2023-21003 | Moderate | System | EoP | 13 |
| CVE-2023-21004 | Moderate | System | EoP | 13 |
| CVE-2023-21005 | Moderate | System | EoP | 13 |
| CVE-2023-21015 | Moderate | System | EoP | 13 |
| CVE-2023-21018 | Moderate | System | EoP | 13 |
| CVE-2023-21020 | Moderate | System | EoP | 13 |
| CVE-2023-21021 | Moderate | System | EoP | 13 |
| CVE-2023-21022 | Moderate | System | EoP | 13 |
| CVE-2023-21024 | Moderate | System | EoP | 13 |
| CVE-2023-21030 | Moderate | System | EoP | 13 |
| CVE-2023-21034 | Moderate | System | EoP | 13 |
| CVE-2023-21035 | Moderate | System | EoP | 13 |
| CVE-2022-40303 | Moderate | System | ID | 13 |
| CVE-2023-20968 | Moderate | System | ID | 13 |
| CVE-2023-20969 | Moderate | System | ID | 13 |
| CVE-2023-20970 | Moderate | System | ID | 13 |
| CVE-2023-20972 | Moderate | System | ID | 13 |
| CVE-2023-20973 | Moderate | System | ID | 13 |
| CVE-2023-20974 | Moderate | System | ID | 13 |
| CVE-2023-20977 | Moderate | System | ID | 13 |
| CVE-2023-20979 | Moderate | System | ID | 13 |
| CVE-2023-20980 | Moderate | System | ID | 13 |
| CVE-2023-20981 | Moderate | System | ID | 13 |
| CVE-2023-20982 | Moderate | System | ID | 13 |
| CVE-2023-20983 | Moderate | System | ID | 13 |
| CVE-2023-20984 | Moderate | System | ID | 13 |
| CVE-2023-20986 | Moderate | System | ID | 13 |
| CVE-2023-20987 | Moderate | System | ID | 13 |
| CVE-2023-20988 | Moderate | System | ID | 13 |
| CVE-2023-20989 | Moderate | System | ID | 13 |
| CVE-2023-20990 | Moderate | System | ID | 13 |
| CVE-2023-20991 | Moderate | System | ID | 13 |
| CVE-2023-20992 | Moderate | System | ID | 13 |
| CVE-2023-21006 | Moderate | System | ID | 13 |
| CVE-2023-21007 | Moderate | System | ID | 13 |
| CVE-2023-21008 | Moderate | System | ID | 13 |
| CVE-2023-21009 | Moderate | System | ID | 13 |
| CVE-2023-21010 | Moderate | System | ID | 13 |
| CVE-2023-21011 | Moderate | System | ID | 13 |
| CVE-2023-21012 | Moderate | System | ID | 13 |
| CVE-2023-21013 | Moderate | System | ID | 13 |
| CVE-2023-21014 | Moderate | System | ID | 13 |
| CVE-2023-21019 | Moderate | System | ID | 13 |
| CVE-2023-21025 | Moderate | System | ID | 13 |
| CVE-2023-21027 | Moderate | System | ID | 13 |
| CVE-2023-21032 | Moderate | System | ID | 13 |
| CVE-2023-21016 | Moderate | System | DoS | 13 |
| CVE-2023-21033 | Moderate | System | DoS | 13 |
| CVE-2022-42498 | Critical | Pixel | RCE/Cellular firmware | ー |
| CVE-2022-42499 | Critical | Pixel | RCE/modem | ー |
| CVE-2023-21057 | Critical | Pixel | RCE/Cellular firmware | ー |
| CVE-2023-21058 | Critical | Pixel | RCE/Cellular firmware | ー |
| CVE-2023-24033 | Critical | Pixel | RCE/Modem | ー |
| CVE-2023-21041 | Critical | Pixel | EoP/GSC | ー |
| CVE-2022-42528 | Critical | Pixel | ID/TF-A | ー |
| CVE-2023-21054 | High | Pixel | RCE/Modem | ー |
| CVE-2023-21040 | High | Pixel | EoP/Bluetooth | ー |
| CVE-2023-21065 | High | Pixel | EoP/libfdt | ー |
| CVE-2023-21036 | High | Pixel | ID/Markup | ー |
| CVE-2023-21067 | High | Pixel | ID/GPS | ー |
| CVE-2022-42500 | Moderate | Pixel | EoP/Telephony | ー |
| CVE-2023-21038 | Moderate | Pixel | EoP/Cs40l25 haptic driver | ー |
| CVE-2023-21042 | Moderate | Pixel | EoP/LWIS | ー |
| CVE-2023-21043 | Moderate | Pixel | EoP/LWIS | ー |
| CVE-2023-21050 | Moderate | Pixel | EoP/libexynosdisplay | ー |
| CVE-2023-21051 | Moderate | Pixel | EoP/exynos | ー |
| CVE-2023-21052 | Moderate | Pixel | EoP/libril_sitril | ー |
| CVE-2023-21055 | Moderate | Pixel | EoP/cpif | ー |
| CVE-2023-21056 | Moderate | Pixel | EoP/lwis | ー |
| CVE-2023-21062 | Moderate | Pixel | EoP/rild_exynos | ー |
| CVE-2023-21063 | Moderate | Pixel | EoP/rild_exynos | ー |
| CVE-2023-21064 | Moderate | Pixel | EoP/rild_exynos | ー |
| CVE-2023-21068 | Moderate | Pixel | EoP/Fastboot startup screen | ー |
| CVE-2023-21069 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21070 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21071 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21072 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21073 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21075 | Moderate | Pixel | EoP/bcmdhd driver | ー |
| CVE-2023-21076 | Moderate | Pixel | EoP/bcmdhd driver | ー |
| CVE-2023-21077 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21078 | Moderate | Pixel | EoP/bcm4389 driver | ー |
| CVE-2023-21079 | Moderate | Pixel | EoP/bcm4389 | ー |
| CVE-2023-21039 | Moderate | Pixel | ID/dumpstate | ー |
| CVE-2023-21044 | Moderate | Pixel | ID/libvendorgraphicbuffer | ー |
| CVE-2023-21045 | Moderate | Pixel | ID/CPIF | ー |
| CVE-2023-21046 | Moderate | Pixel | ID/Camera HAL | ー |
| CVE-2023-21047 | Moderate | Pixel | ID/Camera HAL | ー |
| CVE-2023-21048 | Moderate | Pixel | ID/WiFi | ー |
| CVE-2023-21049 | Moderate | Pixel | ID/Camera | ー |
| CVE-2023-21053 | Moderate | Pixel | ID/SMS | ー |
| CVE-2023-21059 | Moderate | Pixel | ID/Cellular firmware | ー |
| CVE-2023-21060 | Moderate | Pixel | ID/SMS | ー |
| CVE-2023-21061 | Moderate | Pixel | DoS/Wifi | ー |
| CVE-2022-25712 | Moderate | Qualcomm components | Camera | ー |
| CVE-2022-33245 | Moderate | Qualcomm components | WLAN | ー |
| CVE-2022-33260 | Moderate | Qualcomm components | Closed-source component | ー |
| CVE-2022-40518 | Moderate | Qualcomm components | Closed-source component | ー |
| CVE-2022-40519 | Moderate | Qualcomm components | Closed-source component | ー |
記事執筆:memn0ck
■関連リンク
・エスマックス(S-MAX)
・エスマックス(S-MAX) smaxjp on Twitter
・S-MAX - Facebookページ
・Pixelシリーズ 関連記事一覧 - S-MAX
・Android Security Bulletin-March 2023 | Android Open Source Project
・Pixel Update Bulletin-March 2023 | Android Open Source Project
・Google Pixel Update - March 2023 - Google Pixel Community
・Google Pixel 7 Pro(グーグル ピクセル セブン プロ) アップデート情報 | 製品アップデート情報 | au
・Google Pixel 7(グーグル ピクセル セブン) アップデート情報 | 製品アップデート情報 | au
・Google Pixel 5(グーグル ピクセル ファイブ) アップデート情報 | 製品アップデート情報 | au
・Google Pixel 7、Google Pixel 7 Proをご利用中のお客さまへ(2023年3月14日) | スマートフォン・携帯電話 | ソフトバンク
・Google Pixel 5a(5G)をご利用中のお客さまへ(2023年3月14日) | スマートフォン・携帯電話 | ソフトバンク
・Google Pixel 4a(5G)、Google Pixel 5をご利用中のお客さまへ(2023年3月14日) | スマートフォン・携帯電話 | ソフトバンク
・Google Pixel 4aをご利用中のお客さまへ(2023年3月14日) | スマートフォン・携帯電話 | ソフトバンク
・Android | 可能性を推し進めるプラットフォーム
