Patchday: Attackers exploit security vulnerability in the Android kernel
Google has closed several vulnerabilities in its Android mobile operating system.
Attackers are currently targeting Android devices and actively exploiting a security vulnerability. However, the attacks do not work without preconditions. In addition to the exploited vulnerability, the developers have also closed other vulnerabilities in Android 12, 12L, 13 and 14.
The security vulnerabilities
A warning message indicates that the exploited vulnerability (CVE-2024-36971, "high") affects the kernel. Attackers can use this vulnerability to launch malicious code attacks in an unspecified way. For an attack to work, however, an attacker must already have rights to execute commands in the system. The extent of the attacks is not yet clear. Google speaks of targeted attacks on a limited scale.
Other dangerous vulnerabilities affect the framework and system. Attackers can use these vulnerabilities to leak information or gain higher user rights, among other things. The majority of the vulnerabilities are classified as "high". In addition, various components from Qualcomm and Imagination Technologies are also affected. These include the display and WLAN components.
One vulnerability (CVE-2024-23350) is considered "critical". It is currently not known what impact successful attacks in this context could have. However, based on the classifications, it can be assumed that attackers can completely compromise devices in numerous instances.
Updates available
If you have an Android device that is still under support, you should check in the settings that patch level 2024-08-01 or 2024-08-05 is installed. In addition to Google, Samsung also releases monthly security updates for selected devices (see box).
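For more than one device, the same check can be scripted. The following is an added example, not part of the original article: it classifies a patch-level string against the two levels named above and can read the value from a device over adb via the `ro.build.version.security_patch` property. The function names and the sample inventory are constructed, and the script assumes the usual Android bulletin convention that the later level includes everything in the earlier one.

```shell
# Added example: classify an Android security patch level against the
# two levels named in the article. Assumption: 2024-08-05 is a superset
# of 2024-08-01, as is usual for Android bulletins.
BASE_LEVEL="2024-08-01"   # from the article
FULL_LEVEL="2024-08-05"   # from the article

# Print "full", "partial", "missing" or "invalid" for a YYYY-MM-DD string.
classify_patch_level() {
    level=$1
    # Reject anything that is not exactly YYYY-MM-DD (empty, "unknown", ...).
    case $level in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "invalid"; return 0 ;;
    esac
    # Without the dashes the date is an integer that sorts chronologically.
    n=$(echo "$level" | tr -d '-')
    base=$(echo "$BASE_LEVEL" | tr -d '-')
    full=$(echo "$FULL_LEVEL" | tr -d '-')
    if [ "$n" -ge "$full" ]; then
        echo "full"
    elif [ "$n" -ge "$base" ]; then
        echo "partial"
    else
        echo "missing"
    fi
}

# Read the patch level from a device attached over adb (serial optional).
# Not called below, so the script also runs without adb installed.
device_patch_level() {
    if [ -n "$1" ]; then
        adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r'
    else
        adb shell getprop ro.build.version.security_patch | tr -d '\r'
    fi
}

# Constructed sample inventory, one "device-name patch-level" pair per line.
audit_sample() {
    printf '%s\n' "phone-a 2024-08-05" "phone-b 2024-08-01" \
                  "tablet-c 2024-06-01" "kiosk-d unknown" |
    while read -r name level; do
        echo "$name $(classify_patch_level "$level")"
    done
}

audit_sample
```

With a device attached, `classify_patch_level "$(device_patch_level)"` gives the result for that device; "invalid" means the property was empty or malformed and the device needs a manual look.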
(des)