<p>The monthly security upgrades from Google for the Android operating system include solutions for three actively exploited issues as well as 46 vulnerabilities.</p>
<p>According to Android Security Bulletin, “There are indications that the following (vulnerabilities) — CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136 — may be under limited, targeted exploitation.”</p>
<p>A December 2022 attack chain that delivered malware to Samsung devices used CVE-2023-26083, a medium-severity memory leak issue in the Arm Mali GPU driver for Bifrost, Avalon, and Valhall processors, according to BleepingComputer.<img decoding=”async” class=”alignnone wp-image-61779″ src=”https://www.theindiaprint.com/wp-content/uploads/2023/07/www.theindiaprint.com-google-fixes-3-of-androids-most-actively-exploited-bugs-complete-information-00438602d96f36e18befc67e1071562a-w-800-h-450-750×422.jpg” alt=”” width=”1560″ height=”878″ srcset=”https://www.theindiaprint.com/wp-content/uploads/2023/07/www.theindiaprint.com-google-fixes-3-of-androids-most-actively-exploited-bugs-complete-information-00438602d96f36e18befc67e1071562a-w-800-h-450-750×422.jpg 750w, https://www.theindiaprint.com/wp-content/uploads/2023/07/www.theindiaprint.com-google-fixes-3-of-androids-most-actively-exploited-bugs-complete-information-00438602d96f36e18befc67e1071562a-w-800-h-450-768×432.jpg 768w, https://www.theindiaprint.com/wp-content/uploads/2023/07/www.theindiaprint.com-google-fixes-3-of-androids-most-actively-exploited-bugs-complete-information-00438602d96f36e18befc67e1071562a-w-800-h-450-390×220.jpg 390w, https://www.theindiaprint.com/wp-content/uploads/2023/07/www.theindiaprint.com-google-fixes-3-of-androids-most-actively-exploited-bugs-complete-information-00438602d96f36e18befc67e1071562a-w-800-h-450-150×84.jpg 150w, https://www.theindiaprint.com/wp-content/uploads/2023/07/www.theindiaprint.com-google-fixes-3-of-androids-most-actively-exploited-bugs-complete-information-00438602d96f36e18befc67e1071562a-w-800-h-450.jpg 800w” sizes=”(max-width: 1560px) 100vw, 1560px” /></p>
<p>Specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers are vulnerable to CVE-2021-29256, a significant (CVSS v3.1: 8.8) vulnerability that allows for the exposure of unprivileged information and the elevation of root power.</p>
<p>As an integer overflow flaw in Skia, Google’s open-source, cross-platform 2D graphics library, which is also used in Chrome, the third vulnerability, CVE-2023-2136, is critical-severity and has a score of 9.6 out of 10. It was resolved in April, according to the study.</p>
<p>The most significant security flaw that Google repaired this month, according to the report, is CVE-2023-21250, a major vulnerability in the System component of Android that affects versions 11, 12, and 13.</p>
<p>This month’s Android security update covers Android versions 11, 12, and 13, although depending on the severity of the vulnerabilities fixed, it may also impact earlier, unsupported OS versions.</p>
<p>Google released a security update for the Chrome web browser last month to fix the third zero-day vulnerability that hackers have exploited this year.</p>
<p>Google acknowledged the existence of a CVE-2023-3079 vulnerability in the wild in a blog post.</p>
<p> </p>
<p> </p>
