Google has launched month-to-month safety updates for the Android, which include fixes for 46 vulnerabilities, together with the repair for 3 actively exploited bugs.
Google has launched the month-to-month safety updates for the Android working system, which include fixes for 46 vulnerabilities, together with the repair for 3 actively exploited bugs.
“There are indications that the next (vulnerabilities) could also be underneath restricted, focused exploitation — CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136,” reads Android Safety Bulletin.
In line with Bleeping Pc, CVE-2023-26083 is a medium-severity reminiscence leak flaw within the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips that was exploited in a December 2022 exploit chain that delivered spyware and adware to Samsung units.
CVE-2021-29256 is a important (CVSS v3.1: 8.8) unprivileged data disclosure and root privilege escalation vulnerability that impacts particular variations of the Bifrost and Midgard Arm Mali GPU kernel drivers.
The third vulnerability, CVE-2023-2136, is a critical-severity one with a rating of 9.6 out of 10 as it’s an integer overflow bug in Skia, Google’s open-source multi-platform 2D graphics library that can also be utilized in Chrome, the place it was fastened in April, the report stated.
Furthermore, the report talked about that CVE-2023-21250, a important vulnerability in Android’s System element that impacts Android variations 11, 12, and 13, is essentially the most severe of the safety points that Google fastened this month.
The Android safety replace for this month covers Android variations 11, 12, and 13, however relying on the scope of the addressed vulnerabilities, they could have an effect on older OS variations which are now not supported.
Final month, Google issued a safety replace for the Chrome net browser to deal with the third zero-day vulnerability exploited by hackers this 12 months.
“Google is conscious that an exploit for CVE-2023-3079 exists within the wild,” Google stated in a blogpost.
— IANS