Google addresses actively exploited Android flaw in the kernel

Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw.

Google has released the second part of the May Security Bulletin for Android, which includes a fix for an actively exploited Linux kernel vulnerability tracked as CVE-2021-22600.

The CVE-2021-22600 is a privilege escalation issue that resides in the Linux kernel, an attacker can trigger it via local access. In April, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities Catalog.

Google disclosed the flaw in January, but it was addressed for Android OS only this month.

“There are indications that CVE-2021-22600 may be under limited, targeted exploitation” reads the bulletin published by Google.

The company did not disclose the details of the attacks exploiting this flaw.

The bulletin addressed five flaws in Framework, eight in the System, four in the Kernel components, three in the MediaTek components, five in the Qualconm Components, end eleven in the Qualcomm closed-source components.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Android)

[adrotate banner=”5″]

[adrotate banner=”13″]