Google released a monthly set of patches for Android, fixing a total of 56 vulnerabilities, five of which are considered critical, and one vulnerability known as the Mali GPU has been used by hackers since at least December last year.
Let me remind you that we wrote that Mali GPU Driver Vulnerabilities Threaten Millions of Devices, and also that NVIDIA Released Update That Fixes Ten Vulnerabilities in Windows GPU Drivers.Also, information security specialists noted that Spyware Developers Ready to hack iOS and Android for 8 million euros.
The developers have provided some details on exploiting the CVE-2022-22706 issue found in Arm’s Mali GPU driver.
According to researchers from the Google Threat Analysis Group (TAG), this issue may have had limited, focused use in spyware campaigns targeting Samsung phones.
Scoring 7.8 out of 10 on the CVSS vulnerability rating scale, this bug allowed unprivileged users to gain write access to read-only memory pages. According to Arm, the following kernel driver versions are affected by the issue:
- Midgard GPU Kernel Driver – all versions from r26p0 to r31p0;
- Bifrost GPU Kernel Driver – all versions from r0p0 to r35p0;
- Valhall GPU Kernel Driver – all versions from r19p0 to r35p0.
That being said, Arm fixed the issue back in Bifrost and Valhall GPU Kernel Driver r36p0 and Midgard Kernel Driver r32p0, but the fix has made it to Android stable just now.
It’s also worth noting that Samsung engineers fixed CVE-2022-22706 in May 2023. Apparently, the company’s quick response was due to the active exploitation of this vulnerability by attackers.
In addition to the issue described above, the following critical bugs have been fixed this month:
- CVE-2023-21127 – Android Framework remote code execution affecting Android 11, 12, and 13 (fixed in security level 2023-06-01).
- CVE-2023-21108 – Android System remote code execution affecting Android 11, 12, and 13 (fixed in security level 2023-06-01).
- CVE-2023-21130 – Android System remote code execution affecting Android 13 (fixed in security level 2023-06-01).
- CVE-2022-33257 – Unknown Critical Vulnerability Affecting Closed Source Qualcomm Components (patched at security level 2023-06-05).
- CVE-2022-40529 – An unknown type of critical vulnerability affecting closed source Qualcomm components (fixed at security level 2023-06-05).