Android security update fixes Mali GPU flaw exploited by spyware

[Gandalf_The_Grey]

Content source

https://www.bleepingcomputer.com/news/security/android-security-update-fixes-mali-gpu-flaw-exploited-by-spyware/

Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December.

The new security patch level 2023-06-05 integrates a patch for CVE-2022-22706, a high-severity flaw in the Mali GPU kernel driver from Arm that Google’s Threat Analysis Group (TAG) believes it may have been used in a spyware campaign targeting Samsung phones.

"There are indications that CVE-2022-22706 may be under limited, targeted exploitation," reads Google's latest bulletin. CISA also highlighted the active exploitation of CVE-2022-22706 in an advisory released in late March.

It is worth noting that Samsung addressed CVE-2022-22706 in its May 2023 update. The company's quick response to the active exploitation of the flaw is likely due to its users being explicitly targeted by the spyware campaign.

Android security update fixes Mali GPU flaw exploited by spyware

Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December.

www.bleepingcomputer.com