Google Patches Exploited Linux Kernel Zero-Day Vulnerability in Latest Android Update

by | Aug 6, 2024 | News

Google Patches Exploited Linux Kernel Vulnerability in Latest Android Update

Post Views: 162




Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon
Reading Time: 3 Minutes

The latest Android security update addresses 46 vulnerabilities, including a high-severity remote code execution (RCE) zero-day vulnerability actively exploited in targeted attacks.

Key Vulnerability: CVE-2024-36971

  • Description: CVE-2024-36971 is a use-after-free (UAF) vulnerability in the Linux kernel’s network route management.
  • Severity: High
  • Impact: Allows attackers to gain arbitrary code execution with system-level privileges.
  • Exploitation: There are indications that this vulnerability is being exploited in targeted attacks, likely by advanced threat actors aiming for high-profile individuals.
  • Reporter: Discovered and reported by Clément Lecigne from Google’s Threat Analysis Group (TAG).

Vulnerability Details

  • Use-After-Free (UAF): This type of flaw allows attackers to manipulate freed memory, leading to unpredictable behavior and potential arbitrary code execution.
  • System Privileges: Exploitation requires system execution privileges, making it a critical issue for devices with unpatched systems.
  • Targeted Exploitation: Evidence suggests limited exploitation in targeted attacks, underlining the need for urgent patching.

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses




Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

Previous Zero-Day Exploits

  • CVE-2024-32896 / CVE-2024-29748: A high-severity elevation of privilege (EoP) flaw in Pixel firmware, exploited to unlock Android devices without a PIN and access stored data.

Patch Release and Implementation

  • Patch Levels:
    • 2024-08-01: Initial security patch level, addressing critical and high-severity vulnerabilities.
    • 2024-08-05: Includes additional patches for third-party closed-source components and kernel vulnerabilities.
  • Notable Fixes: Includes a critical vulnerability (CVE-2024-23350) in a Qualcomm closed-source component.
  • Source Code: Patches to be released to the Android Open Source Project (AOSP) repository within 48 hours.

Deployment and Compatibility

  • Google Pixel Devices: Receive immediate monthly security updates.
  • Other Manufacturers: May have a delay in rolling out updates due to the need for compatibility testing across various hardware configurations.

Trending: Deep Dive to Fuzzing for Maximum Impact




Trending: Offensive Security Tool: DDoSlayer

Recommendations

  1. Update Devices: Users should ensure their devices are updated to the latest security patch level as soon as updates become available.
  2. Monitor Announcements: Keep an eye on updates from device manufacturers and Google for the latest security patches.
  3. Security Practices: Maintain good security hygiene, including not downloading apps from untrusted sources and being cautious with email attachments and links.

Trending: WhatsApp Vulnerability: Python and PHP Scripts Executed Without Warning

Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This