Google has released its monthly security patches for Android, fixing 46 newly discovered software vulnerabilities. Three of them were found to have been actively exploited in targeted attacks.
CVE-2023-26083 is a memory leak in the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. It was previously exploited in an attack that led to spyware infections on Samsung devices in December 2022.
The flaw was considered severe enough that the Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to apply a security patch in April 2023.
Another vulnerability, CVE-2021-29256, is a high-priority issue affecting select versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. It allows an unprivileged user to gain unauthorized access to sensitive information and escalate privileges to root.
The third exploited vulnerability, CVE-2023-2136, is a high-impact bug in Skia, Google’s open-source, multi-platform 2D graphics library. It was first disclosed as a zero-day in the Chrome browser and allows a remote attacker who has compromised the renderer process to escape the sandbox and execute code remotely on Android devices.
Google’s July Android security bulletin also highlights another high-risk vulnerability, CVE-2023-21250, in the Android System component. It can lead to remote code execution with no user interaction or additional execution privileges, which makes it especially dangerous.
The fixes are distributed across two patch levels. The first, released on July 1, covers core Android components, addressing 22 security flaws in the Framework and System components.
The second patch level, released on July 5, targets kernel and proprietary components, resolving 20 vulnerabilities in the Kernel, Arm, Imagination Technologies, MediaTek, and Qualcomm components.
The resolved vulnerabilities may also reach beyond the officially supported Android versions (11, 12, and 13), potentially affecting older releases that no longer receive formal support.
Google has also released separate security patches for its Pixel devices, addressing 14 vulnerabilities in the Kernel, Pixel, and Qualcomm components. Two of these high-priority flaws could lead to privilege escalation and denial-of-service attacks.