Google Fixes Zero-Day Kernel Vulnerability In Android Devices

Google on Monday announced its August 2024 security patches, which address 46 vulnerabilities, including a critical zero-day flaw affecting the Android kernel that was being actively exploited in targeted attacks.

Clement Lecigne, a security researcher from Google’s Threat Analysis Group (TAG), has been credited for discovering and reporting the zero-day vulnerability in Android devices.

Tracked as CVE-2024-36971,ย the zero-day flaw has been described as a high-severity issue impacting the kernel, which can be exploited for remote code execution (RCE) with โ€œSystem execution privileges neededโ€.

Table Of Contents

What’s the vulnerability?

This flaw is a use-after-free (UAF) vulnerability in the Linux kernel’s network route management, which allows attackers to manipulate freed memory, leading to random behavior and often malicious consequences.

โ€œThere are indications that CVE-2024-36971 may be under limited, targeted exploitationโ€, the search giant noted in its August 2024 monthly Android security advisory. The threat actors could potentially use it to execute arbitrary code without user interaction on unpatched devices.

While Google did not disclose details about the exploitation or the threat actors behind the attacks,ย it is known that TAG security researchers often identify and disclose zero-days used in state-sponsored surveillance software attacks, targeting high-profile individuals.

Patches Released

Google has released two patch sets, the 2024-08-01 and 2024-08-05 security patch levels, as part of the August 2024 security updates.

In the 2024-08-01 initial security patch level, the Android Framework has been patched with 13 high-severity vulnerabilities, 11 of which are Escalation of Privilege (EoP), one Information Disclosure (ID), and one Denial-of-Service (DoS). Additionally, a high-severity vulnerability (CVE-2024-34727) in the System component has also been addressed.

Further, the second set of patches, which is the 2024-08-05 security patch level, includes fixes for 32 vulnerabilities, including Kernel

(1), Arm components (2), Imagination Technologies (1), MediaTek components (1), Qualcomm components (20), and Qualcomm closed-source components (7), which include a critical vulnerability (CVE-2024-23350).

The advisory explains, “Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours.”

While Google Pixel devices receive immediate security updates, other device manufacturers may have a delay in rolling out the updates due to the need for additional testing of the security patches to ensure compatibility across various hardware configurations.

Hence, it is strongly recommended that Android users apply the 2024-08-01 and 2024-08-05 security patch levels as soon as possible to protect their devices and themselves from significant security risks.

Earlier this year, Google patched a zero-day, high-severity vulnerability, tagged as CVE-2024-32896, which was described as an Elevation of Privilege (EoP) flaw in the Pixel firmware.

Subscribe to our newsletter

To be updated with all the latest news

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news

Read More

Suggested Post