Google has mounted safety vulnerabilities on Android.
Google has launched the month-to-month safety updates for the Android working system, which include fixes for 46 vulnerabilities, together with the repair for 3 actively exploited bugs.
Google has launched the month-to-month safety updates for the Android working system, which include fixes for 46 vulnerabilities, together with the repair for 3 actively exploited bugs.
“There are indications that the next (vulnerabilities) could also be below restricted, focused exploitation — CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136,” reads Android Security Bulletin.
CVE-2021-29256 is a critical (CVSS v3.1: 8.8) unprivileged information disclosure and root privilege escalation vulnerability that affects specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers.
The third vulnerability, CVE-2023-2136, is a critical-severity one with a score of 9.6 out of 10 as it is an integer overflow bug in Skia, Google’s open-source multi-platform 2D graphics library that is also used in Chrome, where it was fixed in April, the report said.
Moreover, the report mentioned that CVE-2023-21250, a critical vulnerability in Android’s System component that affects Android versions 11, 12, and 13, is the most serious of the security issues that Google fixed this month.
The Android security update for this month covers Android versions 11, 12, and 13, but depending on the scope of the addressed vulnerabilities, they may affect older OS versions that are no longer supported.
Last month, Google issued a security update for the Chrome web browser to address the third zero-day vulnerability exploited by hackers this year.
“Google is aware that an exploit for CVE-2023-3079 exists in the wild,” Google stated in a blogpost.
(This story has not been edited by News18 employees and is revealed from a syndicated information company feed – IANS)