Google has published the monthly Android Security Bulletin (ASB) for June 2024. This month’s security release for Android devices fixes 37 vulnerabilities, including three critical issues. Android OEMs will roll out these patches to their devices in the coming weeks. Some firms may bundle additional patches for issues exclusive to their products. Samsung, for example, is addressing 22 Galaxy-specific vulnerabilities with the June update.
June security update patches 37 vulnerabilities in Android devices
As usual, Google released the June 2024 ASB in two parts. The first part arrives with the 2024-06-01 security patch level and contains fixes for 19 high-severity vulnerabilities. The most severe vulnerability in this group could lead to “local escalation of privilege with no additional execution privileges needed.” Most of those exist on Android 12 through to Android 14, though a few don’t affect devices running the latest Android version.
In the second group, Google bundled 18 high-severity vulnerability patches marked under the security patch level 2024-06-05. These include issues across various partner components, including those from MediaTek, Imagination Technologies, ARM, and Qualcomm. This group also includes a kernel vulnerability that could “lead to local escalation of privilege in the kernel with no additional execution privileges needed.”
All of these patches will roll out to Pixel smartphones and tablets in the coming weeks. Google has yet to begin the rollout, though the wait may not be much longer now. Other Android manufacturers like Samsung, OnePlus, Oppo, Vivo, Xiaomi, and Tecno will also push these patches to their devices as the June security update. There is no evidence of any of these vulnerabilities being exploited in the wild. You should still update your device as soon as you can.
Galaxy devices get 22 additional security patches
Along with the 37 patches part of Google’s latest ASB, Samsung’s June update for Galaxy devices addresses another 22 vulnerabilities that don’t exist on Android devices from other brands. Called Samsung Vulnerabilities and Exposures (SVE) items, these issues affect various system apps, services, and components that make up the core of Galaxy products or Samsung’s custom Android skin, i.e., One UI.
This month’s release fixes a critical vulnerability in “chnactiv TA” that allowed local privileged attackers to lead to potential arbitrary code execution. The Korean firm also patched several high-severity issues, including a buffer overflow vulnerability in the bootloader that enabled physical attackers to overwrite memory. These patches will soon roll out to eligible Galaxy devices, including the Galaxy S24 series. We will let you know when the rollout begins.
The post Google’s June 2024 update patches 37 vulnerabilities, Samsung adds 22 more appeared first on Android Headlines.