Your Android under attack: CVE-2024-36971 is actively used by attackers

The August security patch is designed to protect all vulnerable devices.

In August 2024, the Android developers released security updates that fixed 46 problems, including a serious remote code execution (RCE) vulnerability used in targeted attacks.

The zero-day vulnerability, identified as CVE-2024-36971, is a use-after-free error in the Linux kernel's network route management. Successful exploitation requires System execution privilege, which allows changing the behavior of certain network connections.

Google reports that there are signs of limited targeted exploitation of the CVE-2024-36971 vulnerability, which allows attackers to execute arbitrary code without user interaction on more unsupported devices.

Although Google itself has not yet provided details about how the vulnerability is exploited and who is behind the attacks, such vulnerabilities are often used by many government APT hackers to attack high-profile targets.

"The source code for fixing these issues will be published in the Android Open Source Project (AOSP) repository within the next 48 hours," the developers said in a statement. At the same time, all Android partners were notified of the identified issues at least one month before the release of the security bulletin.

Earlier this year, Google patched another zero-day vulnerability used in real-world attacks. This was a high-severity privilege escalation (EoP) vulnerability in the Pixel firmware. Forensics companies have long used this vulnerability to unlock Android devices without a PIN and gain access to stored data.

For the August security updates, Google has released two sets of patches: security levels 2024-08-01 and 2024-08-05. The latter includes all fixes from the first set and additional patches for third-party proprietary components and the kernel, such as the critical vulnerability (CVE-2024-23350) in the Qualcomm proprietary component.

It's important to note that not all Android devices need patches that apply to patch level 2024-08-05. Device manufacturers can also prioritize the initial patch level to simplify the update process. However, this does not necessarily indicate an increased risk of potential exploitation.

It is worth emphasizing that Google Pixel devices receive monthly security updates immediately after their release, while other manufacturers may need time to test and deploy patches to ensure compatibility with various hardware configurations.
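To check where a device stands relative to the two patch levels described above, the following added example (not part of the original post) parses `adb shell getprop` output and classifies the value of the standard `ro.build.version.security_patch` property. The device names and property dumps are constructed sample data.

```python
import re
from datetime import date

# Patch levels named in the article for the August 2024 bulletin.
FIRST_SET = date(2024, 8, 1)
FULL_SET = date(2024, 8, 5)
PATCH_PROP = "ro.build.version.security_patch"
# `adb shell getprop` prints one property per line as: [key]: [value]
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]:\s*\[(?P<value>[^\]]*)\]$")


def parse_getprop(dump):
    """Turn getprop output into a dict, skipping lines that do not match."""
    props = {}
    for line in dump.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props


def classify(dump):
    """Return (patch_level_or_None, verdict) for one device's getprop dump."""
    raw = parse_getprop(dump).get(PATCH_PROP, "")
    try:
        level = date.fromisoformat(raw)
    except ValueError:
        return None, "unknown: patch level missing or malformed"
    if level >= FULL_SET:
        return level, "full: both August 2024 patch sets applied"
    if level >= FIRST_SET:
        return level, "partial: first set only, second-set fixes not indicated"
    return level, "outdated: predates the August 2024 patches"


# Constructed sample dumps (hypothetical devices, not real captures).
FLEET = {
    "device-a": "[ro.build.version.release]: [14]\n"
                "[ro.build.version.security_patch]: [2024-08-05]\n",
    "device-b": "[ro.build.version.security_patch]: [2024-08-01]\n",
    "device-c": "[ro.build.version.security_patch]: [2024-06-01]\n",
    "device-d": "[ro.build.version.release]: [13]\n",  # property missing
}

if __name__ == "__main__":
    for name, dump in FLEET.items():
        level, verdict = classify(dump)
        print(f"{name}: {level} -> {verdict}")
```

A `partial` result matches the article's point that a manufacturer may ship the initial patch level first; it marks the device for follow-up and is not by itself evidence of compromise.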
