Google Addresses 46 Vulnerabilities with July's Android Security Update

Google addresses an astonishing 46 vulnerabilities within the Android operating system in its July 2023 update security update, which targets flaws known to be exploited by threat actors in the wild.

The vulnerabilities, tracked as CVE-2023-26083, CVE-2021-29256 and CVE-2023-2136, have caused particular concern. As outlined in Google's security advisory, evidence suggests these vulnerabilities have already been exploited in a limited, targeted manner.

CVE-2023-26083 is a medium-severity memory leak flaw, impacting the Arm Mali GPU driver for Avalon, Bifrost and Valhall chips. This vulnerability was previously exploited to spread malware across Samsung devices in December 2022. The severity of this threat led the Cybersecurity and Infrastructure Security Agency (CISA) to mandate federal agencies to install patches in April 2023.

The second flaw, CVE-2021-29256, is a high-severity root privilege escalation and unprivileged information disclosure vulnerability. This flaw, which also impacts the Midgard and Bifrost Mali Arm GPU kernel drivers, has a CVSS v3.1 score of 8.8 out of 10.

Furthermore, CVE-2023-2136 is an integer overflow flaw found within Google's Skia, an open-source multi-platform 2D graphics library also employed in Chrome. Fixed in April with a CVSS score of 9.6, Android users only now see the patch in July's security update rollout.

The most alarming vulnerability this month, though, is tracked as CVE-2023-21250. According to Google, this Android System component vulnerability affects Android versions 11, 12 and 13, and could enable attackers to achieve remote code execution (RCE) privileges on compromised devices. The vulnerability can be exploited without user interaction or extra execution privileges.

Google's July patch rollout employs a dual-level system: one patch level (2023-07-01) covers core Android components (the framework), and another (2023-07-05) caters to closed-source and kernel components. This allows device manufacturers to selectively apply patches suitable for their hardware models.

Experts recommend that users install the patches as soon as possible to mitigate the risk of falling victim to attacks exploiting these vulnerabilities. Notably, while this month's security update specifically addresses Android versions 11, 12 and 13, it could impact older versions of the operating system, depending on the scope of the addressed vulnerabilities.