Cyber Security Threat Summary:
For the month of June, Google released 46 new software vulnerabilities, some of which were actively exploited in attacks in the wild. Among the vulnerabilities addressed is a memory leak flaw impacting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. Tracked as CVE-2023-26083, the bug was exploited in a previous attack that enabled spyware infiltration on Samsung devices in December 2022. Another serious vulnerability addressed is CVE-2021-29256 which relates to a high-severity issue impacting specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. Successful exploitation of this flaw could enable unauthenticated threat actors to gain unauthorized access to sensitive data and escalate privileges to the root level.

“The third exploited vulnerability, CVE-2023-2136, is a critical-severity bug discovered in Skia, Google's open-source multi-platform 2D graphics library. It was initially disclosed as a zero-day vulnerability in the Chrome browser and allows a remote attacker who has taken over the renderer process to perform a sandbox escape and implement remote code on Android devices. Besides these, Google's July Android security bulletin highlights another critical vulnerability, CVE-2023-21250, affecting the Android System component. This issue can cause remote code execution without user interaction or additional execution privileges, making it particularly precarious” (The Hacker News, 2023).

Security Officer Comments:
Google released security updates in two batches. The first patch was released on July 1, 2023, which focuses on core Android components and addresses security defects in the Framework and System components. The other batch was released on July 5 and focuses on kernel and closed-source components. In total 20 vulnerabilities in Kernel, Arm, Imagination Technologies, MediaTek, and Qualcomm components were fixed along with the release of the second patch

“Google has further launched particular security patches for its Pixel devices, dealing with 14 vulnerabilities in Kernel, Pixel, and Qualcomm components. Two of these critical weaknesses could result in privilege elevation and denial-of-service attacks” (The Hacker News, 2023).

Suggested Correction(s):
Given that some of the flaws were exploited in attacks in the wild, it’s important that users update their devices as soon as possible. Although the vulnerabilities affect Android version 11,12,13, old OS versions which no longer receive official support could also be impacted.

Link(s):
https://thehackernews.com/2023/07/google-releases-android-patch-update.html