Google has released monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as being actively exploited in targeted attacks.
One of the vulnerabilities, tracked as CVE-2023-26083, is a memory leak flaw that affects Arm Mali GPU drivers for Bifrost, Avalon, and Valhall chips. It was previously exploited in an attack that delivered spyware to Samsung devices in December 2022.
This vulnerability was deemed serious enough to prompt the Cybersecurity and Infrastructure Security Agency (CISA) to issue a patch order for federal agencies in April 2023.
Another significant vulnerability, identified as CVE-2021-29256, is a high-severity issue that affects certain versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. This flaw allows an unprivileged user to gain unauthorized access to sensitive data and elevate privileges to root level.
The third exploited vulnerability, CVE-2023-2136, is a critical-severity bug in Skia, Google’s open source multi-platform 2D graphics library. It was initially disclosed as a zero-day vulnerability in the Chrome browser, and it allows a remote attacker who has taken over the renderer process to escape the sandbox and execute code remotely on Android devices.
Additionally, Google’s July Android security bulletin highlighted another critical vulnerability, CVE-2023-21250, which affects Android System components. This issue can lead to remote code execution with no user interaction and no additional execution privileges.
The security update ships in two patch levels. The first patch level, available on July 1, focuses on core Android components, addressing 22 security flaws in the Framework and System components.
The second patch level, released on July 5, targets closed-source kernels and components, addressing 20 vulnerabilities in Kernel, Arm, Imagination Technologies, MediaTek, and Qualcomm components.
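To check which of the two patch levels a fleet has reached, the following added example (not part of the original article) classifies devices by their reported security patch level. It assumes the level is the `YYYY-MM-DD` string Android exposes in `ro.build.version.security_patch`, and that a later level includes the fixes of an earlier one; the inventory and device ids are constructed.

```python
import re
from datetime import date

# Patch-level tiers described in the article (July 2023 bulletin).
TIER_CORE = date(2023, 7, 1)    # Framework and System fixes
TIER_VENDOR = date(2023, 7, 5)  # Kernel, Arm, Imagination, MediaTek, Qualcomm fixes

_LEVEL = re.compile(r"^(\d{4})-(\d{2})-(\d{2})$")

def classify(level):
    """Map a security patch level string to its July 2023 coverage."""
    m = _LEVEL.match(level.strip())
    if not m:
        return "unknown"
    try:
        d = date(*map(int, m.groups()))
    except ValueError:           # well-formed but impossible, e.g. 2023-13-01
        return "unknown"
    if d >= TIER_VENDOR:
        return "full"            # both tiers applied
    if d >= TIER_CORE:
        return "core-only"       # kernel and vendor fixes still missing
    return "missing"             # neither tier applied

def audit(inventory):
    """Group device ids by coverage; lines are 'device_id,patch_level'."""
    report = {"full": [], "core-only": [], "missing": [], "unknown": []}
    for line in inventory.splitlines():
        if not line.strip():
            continue
        device, _, level = line.partition(",")
        report[classify(level)].append(device.strip())
    return report

# Constructed sample inventory (hypothetical device ids).
SAMPLE = """
pixel-7-001,2023-07-05
tab-a8-014,2023-07-01
phone-old-203,2023-04-01
kiosk-55,unknown-build
"""

if __name__ == "__main__":
    for status, devices in audit(SAMPLE).items():
        print(f"{status:10s} {', '.join(devices) or '-'}")
```

Devices reported as `core-only` still lack the kernel and vendor component fixes in the second patch level.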
The impact of the addressed vulnerabilities could extend beyond the supported Android versions (11, 12, and 13), potentially affecting older OS versions that no longer receive official support.
Google has further rolled out a custom security patch for its Pixel devices, addressing 14 vulnerabilities in the Kernel, Pixel and Qualcomm components. Two of these critical flaws can result in privilege escalation and denial-of-service attacks.