Indian News Daily Update

Google Fixes 3 of Android’s Most Actively Exploited Bugs: Complete Information

<p>The monthly security upgrades from Google for the Android operating system include solutions for three actively exploited issues as well as 46 vulnerabilities.</p>
<p>According to Android Security Bulletin, “There are indications that the following (vulnerabilities) — CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136 — may be under limited, targeted exploitation.”</p>
<p>A December 2022 attack chain that delivered malware to Samsung devices used CVE-2023-26083, a medium-severity memory leak issue in the Arm Mali GPU driver for Bifrost, Avalon, and Valhall processors, according to BleepingComputer.<img decoding=”async” class=”alignnone wp-image-61779″ src=”×422.jpg” alt=”” width=”1560″ height=”878″ srcset=”×422.jpg 750w,×432.jpg 768w,×220.jpg 390w,×84.jpg 150w, 800w” sizes=”(max-width: 1560px) 100vw, 1560px” /></p>
<p>Specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers are vulnerable to CVE-2021-29256, a significant (CVSS v3.1: 8.8) vulnerability that allows for the exposure of unprivileged information and the elevation of root power.</p>
<p>As an integer overflow flaw in Skia, Google’s open-source, cross-platform 2D graphics library, which is also used in Chrome, the third vulnerability, CVE-2023-2136, is critical-severity and has a score of 9.6 out of 10. It was resolved in April, according to the study.</p>
<p>The most significant security flaw that Google repaired this month, according to the report, is CVE-2023-21250, a major vulnerability in the System component of Android that affects versions 11, 12, and 13.</p>
<p>This month’s Android security update covers Android versions 11, 12, and 13, although depending on the severity of the vulnerabilities fixed, it may also impact earlier, unsupported OS versions.</p>
<p>Google released a security update for the Chrome web browser last month to fix the third zero-day vulnerability that hackers have exploited this year.</p>
<p>Google acknowledged the existence of a CVE-2023-3079 vulnerability in the wild in a blog post.</p>
<p> </p>
<p> </p>

Related posts

With TVS Raider Super Squad Edition, Reignite Your Superhero Dreams

FPIs Support Indian Equities This Month With Impressive Rs 43,800 Cr Investment

Everybody with black money will be targeted by agencies: FM