Jump to content
  • Google Patches Zero-Day Flaw in Android That Hackers Are Already Exploiting

    aum

    • 255 views
    • 1 minutes
     Share


    • 255 views
    • 1 minutes

    The patch is rolling out through Android's August security update.

     

    Google has uncovered a serious flaw in Android that hackers are already exploiting.

     

    The company disclosed and patched the previously unknown "zero-day" flaw in this month’s security update for Android. The vulnerability, dubbed CVE-2024-36971, is particularly dangerous because it affects the mobile operating system’s kernel, the central brain to the software.

     

    “There are indications that CVE-2024-36971 may be under limited, targeted exploitation,” Google warned in the security update.

     

    By exploiting the flaw, a hacker can remotely execute code with system privileges, paving a way to  trigger an Android device into downloading and installing malware. Specifically, the flaw pertains to a kernel function called "__dst_negative_advice()," which wasn’t enforcing a synchronization mechanism called Read-Copy Update or RCU.  

     

    The resulting bug can lead to a use-after-free vulnerability, where the operating system is re-accessing a memory location, even though the memory space has been freed up or deallocated. The effect can trigger memory corruption, crashes, or a way to manipulate a system to run unauthorized computer code. 

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...