Google has released patches for over 50 Android vulnerabilities, including two remote code execution (RCE) flaws in the system component.
A total of 18 bugs were fixed in the System component, while eight security defects were resolved in the Framework component, all rated as ‘high’ severity.
Additionally, 29 vulnerabilities were resolved in the second part of the March 2023 Android updates, which covers the Android Kernel, MediaTek, Unisoc, Qualcomm, and Qualcomm closed-source components.
“Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights,” noted an analysis by the Center for Internet Security.
Google Android security bulletin: Top vulnerabilities and their severity
With the exception of two bugs in the Qualcomm closed-source components, most of the other issues are high-severity flaws. CVE-2022-33213 and CVE-2022-33256 are vulnerabilities in Qualcomm closed-source components that could allow for remote code execution.
“CVE-2022-33213 is a memory corruption vulnerability in a modem due to buffer overflow while processing a PPP packet. And CVE-2022-33256 is a memory corruption vulnerability due to the improper validation of an array index in a Multi-mode call processor,” said the MalwareByte Labs analysis of the patch report.
MalwareByte Labs pointed out one particular vulnerability known as CVE-2021-33655, which allows sending malicious data to the kernel, leading to an elevation of privacy (EoP) vulnerability in the Kernel that could result in local information disclosure. It was reported in 2021 and does not require user interaction for exploitation.
The vulnerability occurs when a user with access to a framebuffer console driver sends malicious data via the FBIOPUT_VSCREENINFO ioctl system call. The fix for this issue involves preventing switching to screen resolutions smaller than the font size and enabling a font bigger than the current screen resolution.
“This seems trivial, but it goes to show how many details go into safe coding,” said the report
| CVE | References | Severity |
| CVE-2023-20951 | A-258652631 | Critical |
| CVE-2023-20954 | A-261867748 | Critical |
| CVE-2022-33213 | A-238106224 * | Critical |
| CVE-2022-33256 | A-245402790 * | Critical |
To verify the security patch status of your device, the company as urged to either refer to the instructions provided in the bulletin or navigate to the Android version settings on the users’ device.
Android partners are given advance notice of all issues at least a month before the public disclosure. Hardware makers such as Samsung have simultaneously released their patch advisories.
“However, this doesn’t always mean that the patches are available for devices from all vendors,” noted MalwareByte Labs.
Google also announced that source code patches for these issues would be released to the Android Open Source Project (AOSP) repository within 48 hours. Android device manufacturers can use these patches to update their operating systems and address the security vulnerabilities outlined in the bulletin.
Android vulnerability 2023 and Android security platform
To improve the security of the Android platform, Google has implemented several security features in the Android security platform protections and Google Play Protect.
These features help detect and prevent malware and other security threats on Android devices. Google Play system updates, available on devices with Android 10 and later, can also provide additional security updates to the Android platform.
Android Secure Folder is another security feature that provides a private and secure space to store sensitive data on Android devices. This feature allows users to lock and encrypt files and folders, preventing unauthorized access.
Android Studio, the official integrated development environment (IDE) for Android app development, also includes several security features to help developers build secure apps. These features include code analysis tools, automated security testing, and support for the latest security APIs.
Patching the vulnerabilities: User’s bane
To improve the security of the Android platform, Google has implemented several security features in the Android security platform protections and Google Play Protect.
These features help detect and prevent malware and other security threats on Android devices. Google Play system updates, available on devices with Android 10 and later, can also provide additional security updates to the Android platform.
