InfoSecBulletin Cybersecurity for mankind
Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Three of these vulnerabilities have been identified as actively exploited in targeted attacks.
One vulnerability, tracked as CVE-2023-26083, is a memory leak flaw affecting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. This vulnerability was exploited in a previous attack that enabled spyware infiltration on Samsung devices in December 2022. The Cybersecurity and Infrastructure Security Agency (CISA) issued a patching order for federal agencies in April 2023 to address this vulnerability.
CISA Flags Craft CMS Code Injection Flaw Amid Active Attacks
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
ALSO READ:
Another significant vulnerability, identified as CVE-2021-29256, affects specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. This flaw allows an unprivileged user to gain unauthorized access to sensitive data and escalate privileges to the root level.
The third exploited vulnerability, CVE-2023-2136, is a critical-severity bug discovered in Skia, Google’s open-source multi-platform 2D graphics library. It was initially disclosed as a zero-day vulnerability in the Chrome browser and allows a remote attacker who has taken over the renderer process to perform a sandbox escape and implement remote code on Android devices.
In addition to these three vulnerabilities, Google’s July Android security bulletin highlights another critical vulnerability, CVE-2023-21250, affecting the Android System component. This issue can cause remote code execution without user interaction or additional execution privileges, making it particularly precarious.
The security updates are rolled out in two patch levels. The initial patch level, made available on July 1, focuses on core Android components, addressing 22 security defects in the Framework and System components.
The second patch level, released on July 5, targets kernel and closed source components, tackling 20 vulnerabilities in Kernel, Arm, Imagination Technologies, MediaTek, and Qualcomm components.
It is important to note that the impact of the addressed vulnerabilities may extend beyond the supported Android versions (11, 12, and 13), potentially affecting older OS versions that no longer receive official support.
Google has also released specific security patches for its Pixel devices, addressing 14 vulnerabilities in Kernel, Pixel, and Qualcomm components. Two of these critical weaknesses could result in privilege elevation and denial-of-service attacks.
