Google Rolls Out Patch For Android Kernel Vulnerability

(RTTNews) - Google announced the company's August 2024 security patches for Android, including a high-severity zero-day vulnerability exploited in targeted attacks.

The cyber flaw, tracked as CVE-2024-36971, has been branded as 'zero-day attack' by cyber experts.

"There are indications that CVE-2024-36971 may be under limited, targeted exploitation," the Alphabet Inc. (GOOG)-owned company said in its monthly Android security bulletin for August.

As per BleepingComputer, CVE-2024-36971 is a use after free weakness in the Linux kernel's network route management, which requires System execution privileges for successful exploitation.

Notably, Clement Lecigne, a security researcher from Google's Threat Analysis Group, was the first person to discover and report the zero-day vulnerability.

However, the tech giant has not disclosed specific details regarding how the flaw was exploited, or what threat actor is behind the attacks.

The August security patch addresses 47 flaws in total, including those found in components from Arm, Imagination Technologies, and Qualcomm, according to The Hacker News.

