Google on Monday announced its August 2024 security patches for Android and the list includes a zero-day vulnerability that appears to have been exploited in targeted attacks.
The zero-day, tracked as CVE-2024-36971, has been described as a high-severity issue in the kernel that can be exploited for remote code execution with “System execution privileges needed”.
“There are indications that CVE-2024-36971 may be under limited, targeted exploitation,” Google noted in its advisory.
According to previous advisories from the Linux community, CVE-2024-36971 is a kernel vulnerability that can lead to a use-after-free condition.
No information has been shared on attacks exploiting CVE-2024-36971, but it’s worth noting that it was discovered by Google’s Clément Lecigne, who is often credited for finding vulnerabilities exploited by commercial spyware vendors.
The latest Android updates patch more than 40 other vulnerabilities, a majority of which have been assigned a ‘high severity’ rating.
Roughly a dozen flaws have been patched in the ‘framework’ component, including bugs that can be exploited for privilege escalation, information disclosure, and DoS attacks. One information disclosure issue has been fixed in the ‘system’ component.
A handful of vulnerabilities have been addressed in Arm, Imagination Technologies, and MediaTek components.
Qualcomm component updates patch 27 vulnerabilities, in the display, WLAN and other sub-components. One flaw has been assigned a ‘critical severity’ rating, allowing an attacker to cause a permanent DoS condition.
Google also announced patches for Wear OS on Monday.
Related: Microsoft Banning Android Phones for Staff in China
Related: Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug
Related: Android 15 Brings Improved Fraud and Malware Protections
