Google has released its August 2024 security update for Android, addressing a critical zero-day vulnerability, CVE-2024-36971, which has been actively exploited in targeted attacks. This high-severity kernel flaw is a use-after-free condition that can be used for remote code execution with system execution privileges. It was discovered by Google’s Clément Lecigne, who is known for identifying vulnerabilities often exploited by commercial spyware vendors, and it highlights the ongoing risks posed by such security flaws.
The vulnerability, CVE-2024-36971, is particularly concerning as it has been under limited, targeted exploitation, according to Google’s advisory. The exploit allows attackers to gain significant control over affected devices, emphasizing the need for users to apply the latest updates promptly. While specific details of the attacks exploiting this vulnerability have not been disclosed, the urgency of the patch underscores its severity.
In addition to CVE-2024-36971, the August security update addresses more than 40 other vulnerabilities, with a majority assigned a ‘high severity’ rating. These include several flaws in the ‘framework’ component that could lead to privilege escalation, information disclosure, and denial-of-service (DoS) attacks. The ‘system’ component also received a fix for an information disclosure issue. By patching these vulnerabilities, Google aims to enhance the overall security posture of Android devices.
Furthermore, the update includes patches for vulnerabilities in components from Arm, Imagination Technologies, MediaTek, and Qualcomm. Notably, the Qualcomm component updates address 27 vulnerabilities, including a critical severity flaw that could cause a permanent DoS condition. This comprehensive update reflects Google’s commitment to maintaining the security and integrity of the Android ecosystem, ensuring that users are protected against a wide range of potential threats.