Android Security Updates Patch 3 Exploited Vulnerabilities

Google’s July 2023 security updates for Android patch 43 vulnerabilities, including three exploited in the wild.

Security updates that Google released this week for Android resolve 43 vulnerabilities, including three that have been exploited in attacks.

The exploited flaws, tracked as CVE-2023-2136, CVE-2023-26083, and CVE-2021-29256, impact Android’s System and Arm Mali components.

The internet giant says “there are indications” that these security defects “may be under limited, targeted exploitation”.

CVE-2023-2136 was disclosed in April as a zero-day vulnerability in the Chrome browser, and is described as an integer overflow issue in Skia.

The bug allows “a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page,” a NIST advisory explains.

According to Google’s July 2023 Android security bulletin, the vulnerability can be exploited to achieve remote code execution on Android devices.

Devices running a 2023-07-01 security patch level or later are patched against this vulnerability and 22 other security defects in the platform’s Framework and System components, including a critical-severity remote code execution issue tracked as CVE-2023-21250.

“The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation,” the internet giant says.

The two exploited Arm bugs were addressed as part of Android’s 2023-07-05 security patch level, which resolves a total of 20 flaws in Kernel, Arm, Imagination Technologies, MediaTek, and Qualcomm components.

The first of the vulnerabilities, CVE-2021-29256, is a privilege escalation vulnerability impacting the Midgard, Bifrost, and Valhall Mali GPU kernel drivers.

“A non-privileged user can make improper operations on GPU memory to gain access to already freed memory and may be able to gain root privilege, and/or disclose information,” Arm explains in its advisory.

The second exploited Arm issue, CVE-2023-26083, is described as a memory leak vulnerability in Midgard, Bifrost, Valhall, and 5th gen Mali GPU kernel drivers.

“A non-privileged user can make valid GPU processing operations that expose sensitive kernel metadata,” Arm’s advisory reads.

The chip maker warned of this flaw’s exploitation at the end of March and CISA added it to its Known Exploited Vulnerabilities catalog on April 7.

Google reported in late March that CVE-2023-26083 was one of the vulnerabilities exploited by commercial spyware vendors to hack Samsung devices. It’s possible that all of the flaws have been exploited by companies offering surveillance solutions. 

This week, Google also announced security updates for Pixel devices, to address 14 vulnerabilities in Kernel, Pixel, and Qualcomm components. Two of the flaws, leading to elevation of privilege and denial-of-service (DoS), are rated ‘critical’ severity.

Pixel devices running a 2023-07-05 security patch level are patched against all these vulnerabilities and the bugs described in the July 2023 Android security bulletin.

Google’s July 2023 Android Automotive OS security update contains patches for only one specific vulnerability, but also addresses the issues resolved with the July 2023 Android security update.
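The patch levels described above can be turned into a fleet check. The following is an added example, not code from Google or from the article: it reads a constructed inventory of `device_id,security_patch` lines (the patch level string is what `getprop ro.build.version.security_patch` reports) and lists which of the three exploited CVEs each device's patch level does not yet cover. The inventory format and function names are assumptions.

```python
import re
from datetime import date

# Exploited CVEs and the patch level that fixes each, as stated in the article.
FIXED_AT = {
    "CVE-2023-2136": date(2023, 7, 1),    # Skia integer overflow
    "CVE-2023-26083": date(2023, 7, 5),   # Arm Mali kernel metadata leak
    "CVE-2021-29256": date(2023, 7, 5),   # Arm Mali use of freed GPU memory
}

PATCH_RE = re.compile(r"^\d{4}-\d{2}-\d{2}$")

# Constructed sample data, not taken from any real fleet.
SAMPLE_INVENTORY = """\
# device_id,security_patch
pixel-7-001,2023-07-05
tablet-014,2023-07-01
phone-233,2023-06-05
kiosk-009,2023-08-01
scanner-02,unknown
"""

def parse_patch_level(value):
    """Return the patch level as a date, or None if it is missing or malformed."""
    if not PATCH_RE.match(value):
        return None
    try:
        return date.fromisoformat(value)
    except ValueError:
        return None

def missing_fixes(level):
    """CVEs not covered at this level; an unknown level is treated as unpatched.
    Assumes a later patch level includes the fixes of every earlier one."""
    return sorted(c for c, fixed in FIXED_AT.items() if level is None or level < fixed)

def triage(inventory_text):
    """Map each device to the exploited CVEs its patch level does not cover."""
    report = {}
    for raw in inventory_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        device, _, level = line.partition(",")
        report[device.strip()] = missing_fixes(parse_patch_level(level.strip()))
    return report

if __name__ == "__main__":
    for device, cves in triage(SAMPLE_INVENTORY).items():
        print(device, "OK" if not cves else "MISSING: " + ", ".join(cves))
```

The result reflects patch-level coverage only; whether a device actually ships an Arm Mali GPU driver has to be checked separately.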

Related: Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability

Related: Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Related: Google Announces New Rating System for Android and Device Vulnerability Reports

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
