Android’s July 2024 Security Update : 27 vulnerabilities Patched


The Android Security Bulletin details security vulnerabilities affecting Android devices, where devices with security patch levels of 2024-07-05 or later address these issues, while Android partners are notified of vulnerabilities in advance and source code patches are released. 

There is a serious security hole in the Framework component that could let someone gain more rights locally, assuming that security measures are either turned off for testing purposes or are not used at all.  

The Android security platform and Google Play Protect work together to mitigate security vulnerabilities on Android devices, and newer Android versions make it harder to exploit these vulnerabilities. 

Users should update to the latest Android version whenever possible, as Google Play Protect actively identifies and warns users about potentially harmful applications, especially for users installing apps from outside the official Google Play store. 

The latest security bulletin details vulnerabilities patched on July 1st, 2024, categorized by affected components (Framework, System, etc.) with information like CVE ID, severity, and fixed versions. 

Framework
Framework

The Android security bulletin reports critical Elevation of Privilege (EoP) vulnerabilities in the Framework and System components affecting various Android versions, which could allow attackers to gain unauthorized control of a device without needing additional privileges. 

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

A high-severity Information Disclosure (ID) vulnerability exists in the MediaProvider component, potentially exposing sensitive information that is delivered through Google Play system updates. 

Google Play system updates
Google Play system updates

The Android security bulletin for July 5th, 2024 (patch level 2024-07-05) addresses a critical vulnerability (CVE-2024-26923) in the kernel that could allow an attacker to escalate privileges to a local administrator without needing additional permissions. 

Two high-severity vulnerabilities (CVE-2024-0153 and CVE-2024-4610) were identified in Mali, an Arm component, and more details and severity assessments for the Mali vulnerabilities can be found directly from Arm. 

Imagination Technologies (Imagination) identified several high-severity vulnerabilities (CVE-2024-31334, CVE-2024-31335, CVE-2024-34724, CVE-2024-34725, and CVE-2024-34726) affecting their PowerVR GPUs. 

MediaTek components
MediaTek components

Details and severity assessments are available from Imagination, and MediaTek reported critical vulnerabilities (CVE-2024-20076, CVE-2024-20077) in their modem components. 

The report details several high-severity vulnerabilities affecting Qualcomm components.

The vulnerabilities reside in the kernel, display, and unidentified closed-source components. 

Among the specific vulnerabilities that have been identified are CVE-2024-23368 (Kernel), CVE-2024-23372, CVE-2024-23373, and CVE-2024-23380 (all Display). 

The closed-source component vulnerabilities include CVE-2024-21461 (critical), CVE-2024-21460, CVE-2024-21462, CVE-2024-21465, and CVE-2024-21469 (all high-severity). 

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files



Source link