  • Android security update fixes Mali GPU flaw exploited by spyware

    alf9872000

    Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December.

    The new security patch level 2023-06-05 integrates a patch for CVE-2022-22706, a high-severity flaw in the Mali GPU kernel driver from Arm that Google's Threat Analysis Group (TAG) believes may have been used in a spyware campaign targeting Samsung phones.

    "There are indications that CVE-2022-22706 may be under limited, targeted exploitation," reads Google's latest bulletin. CISA also highlighted the active exploitation of CVE-2022-22706 in an advisory released in late March.

    With a score of 7.8 out of 10, the high-severity security issue allows non-privileged users to get write access to read-only memory pages.

    According to Arm, the issue impacts the following kernel driver versions:

    • Midgard GPU Kernel Driver: All versions from r26p0 – r31p0
    • Bifrost GPU Kernel Driver: All versions from r0p0 – r35p0
    • Valhall GPU Kernel Driver: All versions from r19p0 – r35p0

    Arm fixed the issue in Bifrost and Valhall GPU Kernel Driver r36p0 and in Midgard Kernel Driver r32p0, but the fix trickled into the stable version of Android only now.
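As an added example (not part of the article or of Arm's advisory), the following Python helper encodes the affected and fixed driver versions listed above so that a fleet inventory of Mali kernel driver versions can be checked against them. It assumes Arm's `rNpM` version string format, and it reports any version that falls between the last listed affected release and the fixed release as unknown rather than guessing.

```python
import re

# Inclusive affected ranges and first fixed release, per GPU family, as listed in the
# article (taken from Arm's advisory): (first affected, last affected, first fixed).
AFFECTED = {
    "Midgard": ("r26p0", "r31p0", "r32p0"),
    "Bifrost": ("r0p0", "r35p0", "r36p0"),
    "Valhall": ("r19p0", "r35p0", "r36p0"),
}

_VERSION_RE = re.compile(r"^r(\d+)p(\d+)$")


def parse_version(v):
    """Turn an Arm Mali driver version such as 'r31p0' into a comparable (release, patch) tuple.

    Tuple comparison avoids the string-comparison trap where 'r9p0' sorts after 'r10p0'.
    """
    m = _VERSION_RE.match(v.strip().lower())
    if not m:
        raise ValueError(f"unrecognised Mali driver version: {v!r}")
    return (int(m.group(1)), int(m.group(2)))


def assess(family, version):
    """Classify a driver version: 'affected', 'fixed', 'predates-range' or 'unknown'."""
    lo, hi, fixed = (parse_version(x) for x in AFFECTED[family])
    pv = parse_version(version)
    if pv >= fixed:
        return "fixed"
    if lo <= pv <= hi:
        return "affected"
    if pv < lo:
        return "predates-range"
    # Above the last listed affected release but below the fix: the advisory text
    # quoted in the article does not cover it, so do not assume it is safe.
    return "unknown"


def triage(inventory):
    """Given (device, family, version) records, return the devices still needing the fix."""
    return [device for device, family, version in inventory
            if assess(family, version) == "affected"]


# Constructed sample inventory for demonstration; these are not real devices.
SAMPLE_INVENTORY = [
    ("phone-A", "Valhall", "r29p0"),
    ("phone-B", "Bifrost", "r36p0"),
    ("tablet-C", "Midgard", "r25p0"),
]
```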

    It is worth noting that Samsung addressed CVE-2022-22706 in its May 2023 update. The company's quick response to the active exploitation of the flaw is likely due to its users being explicitly targeted by the spyware campaign.

    The critical-severity flaws fixed in this month’s Android update include:

    1. CVE-2023-21127 – Remote code execution flaw in Android Framework, impacting Android 11, 12, and 13. Fixed in security patch level “2023-06-01.”
    2. CVE-2023-21108 – Remote code execution flaw in Android System, impacting Android 11, 12, and 13. Fixed in security patch level “2023-06-01.”
    3. CVE-2023-21130 – Remote code execution flaw in Android System, impacting Android 13. Fixed in security patch level “2023-06-01.”
    4. CVE-2022-33257 – Critical flaw of an undefined type, impacting Qualcomm closed-source components. Fixed in security patch level “2023-06-05.”
    5. CVE-2022-40529 – Critical flaw of an undefined type, impacting Qualcomm closed-source components. Fixed in security patch level “2023-06-05.”

    Devices running Android 10 or older are no longer supported and will not receive this security update.

    Users of outdated devices should be aware that they remain exposed to these flaws. They should either switch to a newer, actively supported Android model or turn to a third-party Android distribution that still provides security fixes, even if these typically arrive with a delay.