Google has addressed 43 vulnerabilities in the latest Android security updates. These updates include fixes for three specific vulnerabilities, CVE-2023-2136, CVE-2023-26083, and CVE-2021-29256, which have been exploited in attacks.
The affected components are Android’s System and Arm Mali. According to Google, there are signs that these security flaws might be currently targeted in specific, limited attacks. CVE-2023-2136, originally discovered in April as a zero-day vulnerability in the Chrome browser, is an integer overflow problem in Skia.
This bug could allow a remote attacker, who has compromised the renderer process, to escape the sandbox by using a specially crafted HTML page, as explained in an advisory by NIST.
Read More: Android Security Updates Patch 3 Exploited Vulnerabilities
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.