Google’s latest Android security update for August addresses 46 vulnerabilities, with a particular focus on a high-severity remote code execution (RCE) flaw actively exploited in targeted attacks. This zero-day vulnerability, identified as CVE-2024-36971, is a use-after-free (UAF) weakness in the Linux kernel’s network route management.
Discovered by Clément Lecigne from Google’s Threat Analysis Group (TAG), the vulnerability requires System execution privileges for exploitation and allows attackers to manipulate certain network connections. While specifics about the exploitation remain undisclosed, TAG researchers often uncover zero-days used in state-sponsored surveillance attacks targeting high-profile individuals.
The August update comprises two patch sets: 2024-08-01 and 2024-08-05. The latter includes all fixes from the first set plus additional patches for third-party closed-source and Kernel components, notably addressing a critical vulnerability (CVE-2024-23350) in a Qualcomm closed-source component.
This update follows a previous patch earlier this year for another zero-day (CVE-2024-32896/CVE-2024-29748) in Pixel firmware, which forensic companies had exploited to unlock Android devices without a PIN.
Google Pixel devices receive these updates immediately, while other manufacturers may require additional time for testing and deployment. Source code patches will be available in the Android Open Source Project (AOSP) repository within 48 hours of the announcement.
It’s worth noting that not all Android devices may require the full 2024-08-05 patch level, as some vulnerabilities may not apply to all hardware configurations. Device vendors may prioritize the initial patch level to streamline the update process, though this doesn’t necessarily indicate an increased exploitation risk.
To apply the security update, users must go to Settings > Security & Privacy > System & updates > Security update, tap Install, and restart the device to complete the update process.
Users are strongly advised to update their devices as soon as patches become available to protect against potential exploitation of these vulnerabilities. The timely application of security updates remains crucial in maintaining the integrity and security of Android devices against new and evolving threats.