Security
Headlines
HeadlinesLatestCVEs

Headline

Google Releases Pixel Patches for Critical Bugs

Unpatched Pixel devices are at risk for escalation of privileges, Google warns.

DARKReading
#vulnerability#android#google

A pair of critical security vulnerabilities in Google’s Pixel mobile phone line could lead to privilege escalation and device takeover.

The Pixel bugs, tracked as CVE-2022-20231 and CVE-2022-20364, are in the Trust and Kernel components, respectively, according to Google’s Android security advisory.

“For Google devices, security patch levels of 2022-09-05 or later address all issues in this bulletin and all issues in the September 2022 Android Security Bulletin,” Google said in its Pixel patch advisory. “All supported Google devices will receive an update to the 2022-09-05 patch level. We encourage all customers to accept these updates to their devices.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related news

CVE-2022-20397: Pixel Update Bulletin—October 2022  |  Android Open Source Project

In SitRilClient_OnResponse of SitRilSe.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223086933References: N/A

CVE-2022-20231: Pixel Update Bulletin—September 2022  |  Android Open Source Project

In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211485702References: N/A

CVE-2022-20231: Pixel Update Bulletin—September 2022  |  Android Open Source Project

In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211485702References: N/A

Update now! Google patches vulnerabilities for Pixel mobile phones

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Pixel Tags: critical Tags: CVE-2022-20364 Tags: CVE-2022-20231 Tags: Trusty Tags: Kernel Google’s Pixel Update Bulletin for September included two security patches that are Pixel specific. (Read more...) The post Update now! Google patches vulnerabilities for Pixel mobile phones appeared first on Malwarebytes Labs.

Update now! Google patches vulnerabilities for Pixel mobile phones

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Pixel Tags: critical Tags: CVE-2022-20364 Tags: CVE-2022-20231 Tags: Trusty Tags: Kernel Google’s Pixel Update Bulletin for September included two security patches that are Pixel specific. (Read more...) The post Update now! Google patches vulnerabilities for Pixel mobile phones appeared first on Malwarebytes Labs.

DARKReading: Latest News

Too Much 'Trust,' Not Enough 'Verify'