Android’s May 2024 security update patches 38 vulnerabilities, including a critical bug in the System component.
May 8, 2024 By Ionut Arghire
Google this week announced a fresh batch of security updates for Android, to address a total of 26 vulnerabilities, including a critical-severity flaw in the System component.
The bug, tracked as CVE-2024-23706 and impacting Android 14, could allow attackers to escalate their privileges on vulnerable devices, Google notes in its advisory.
“The most severe of these issues is a critical security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed,” the internet giant says.
The vulnerability was resolved as part of the 2024-05-01 security patch level, which addresses eight flaws, including four elevation of privilege (EoP) bugs in the Framework component, and three EoP issues and one information disclosure defect in the System component.
Patches for 18 other vulnerabilities in kernel, Arm, MediaTek, and Qualcomm components were included in the second part of this month’s Android update, which arrives on devices as the 2024-05-05 security patch level and which also includes updated kernel LTS versions.
