Google Patches New Android Kernel Vulnerability Exploited in the Wild

August 6, 2024 at 02:24AM

Google has addressed a high-severity security flaw in the Android kernel, identified as CVE-2024-36971, and acknowledged that it is being actively exploited. The August patch addresses 47 flaws in total, and there are indications that the vulnerability may be under limited, targeted exploitation. The company is collaborating with OEM partners to apply fixes where applicable.

The key takeaways from the article are:

– Google has addressed a high-severity security flaw (CVE-2024-36971) impacting the Android kernel, which has been actively exploited in the wild.
– There are indications that the CVE-2024-36971 vulnerability may be under limited, targeted exploitation, and it is possible that Pixel devices are also impacted.
– The August patch by Google addresses a total of 47 flaws, including those identified in components associated with Arm, Imagination Technologies, MediaTek, and Qualcomm.
– Google has resolved 12 privilege escalation flaws, one information disclosure bug, and one denial-of-service (DoS) flaw impacting the Android Framework.
– An elevation of privilege issue in Pixel Firmware (CVE-2024-32896) was exploited in limited and targeted attacks in June 2024.
– Google reported that the impact of the CVE-2024-32896 issue extends beyond Pixel devices to include the broader Android platform, and it is working with OEM partners to apply fixes where applicable.
– Previously, Google closed out two security flaws in the bootloader and firmware components (CVE-2024-29745 and CVE-2024-29748) that were weaponized by forensic companies to steal sensitive data.
– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-0824, a remote code execution flaw impacting Microsoft COM for Windows, to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply fixes by August 26, 2024.
– Cisco Talos reported that the CVE-2018-0824 flaw was weaponized by a Chinese nation-state threat actor named APT41 in a cyber attack aimed at an unnamed Taiwanese government-affiliated research institute to achieve local privilege escalation.
