According to The Hacker News, among the Android vulnerabilities that Google has patched, three are being exploited in targeted attacks. One vulnerability, tracked as CVE-2023-26083, is a memory leak affecting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips.
This vulnerability was exploited in an attack that installed spyware on Samsung devices in December 2022. It was deemed serious enough for the Cybersecurity and Infrastructure Security Agency (CISA) to issue a patch order to federal agencies in April 2023.
Another critical vulnerability, tracked as CVE-2021-29256, is classified as high severity and affects specific versions of the Bifrost and Midgard Arm Mali GPU core drivers. This flaw allows unprivileged users to gain unauthorized access to sensitive data and escalate privileges to the highest level.
The third exploited vulnerability is CVE-2023-2136, a high-severity vulnerability in Skia, Google's cross-platform open-source 2D graphics library. Initially identified as a zero-day vulnerability in the Chrome browser, it allows a remote attacker to gain privileges to escape the sandbox and remotely deploy code on an Android device.
Google's July Android security patch also addresses the critical vulnerability CVE-2023-21250, affecting an Android system component. This issue could allow remote code execution without user interaction or additional privileges.
The discovered bugs are concerning because they affect even older Android devices.
These security updates are deployed in two tiers. The first patch, released on July 1st, focuses on core Android components, addressing 22 security vulnerabilities in framework and system components. The second patch, released on July 5th, fixes vulnerabilities in kernel and closed-source components, addressing 20 flaws in kernel components, Arm chips, and imaging technologies of MediaTek and Qualcomm processors.
However, the impact of these vulnerabilities may extend beyond supported Android versions (11, 12, and 13), potentially affecting older operating system versions that no longer receive official support.
Google also released security patches addressing 14 vulnerabilities in components for Pixel devices. Two of these critical vulnerabilities allow for privilege escalation and denial-of-service attacks.