Summary
Google has released October security updates to address 26 vulnerabilities affecting the Android operating system.
Note: A Proof of Concept (PoC) for the exploitation of CVE-2024-0044 is available online.
Risk
Estimate of the impact of the vulnerability on the reference community: HIGH/ORANGE (72.56/100)1.
Type
- Elevation of Privilege
- Denial of Service
- Remote Code Execution
Affected products and versions
Android 12, 12L, 13, 14, 15 with security patches prior to October 2024.
Mitigation actions
In line with the vendor’s statements, it is recommended to apply the patches following the indications reported in the security bulletin, available in the References section.
Unique vulnerability identifiers
References
https://source.android.com/docs/security/bulletin/2024-10-01
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
