Google fixes 50 bugs in Pixel, one actively exploited as zero-day.

The Pixel firmware Elevation of Privilege (EoP) vulnerability with the identification number CVE-2024-32896 is a critical problem in terms of security. The company explained this in a statement made on this Tuesday in which it described the bug CVE-2024-32896 as a threat that has only been used, although rarely, to attack.

Security Patch Level 2024-06-05 and all google devices all which are supported will get an update. We advise all our customers to have this update on the devices they possess and have an active usage. As to the types of security bugs, seven out of the 44 extra updates attached by Google to this month’s Pixel update bulletin are privilege escalation bugs deemed critical by the Chocolate Factory, which impacts diverse subcomponents.

However, devices running on Android, pixel still continues to get separate security and bug fix updates since it has extra features and capabilities, as well as the independent hardware platform solely controlled by Google. Further PD specifics concerning June 2024 updates to the Pixel can be found in the accompanying security bulletin, dedicated to Google’s smartphone cornerstone.

Pixel owners have to go to Settings, Security & privacy, System & updates, Security update, click on Install, reboot the gadget to complete the update procedure. This week Arm said there is a memory corruption security weakness (CVE-2024-4610) that currently targets Bifrost and Valhall GPU kernel drivers exposed in the wild in the first week of the new year.

Taken together, the Bifrost and Valhall drivers r34p0-r40p0 and A UAF result in information disclosure and the ability to run arbitrary code.

Google fixed two other Pixel vulnerabilities local to this April used by forensics firms to bypass the PIN and browse through the content of the devices. Booting Pixel with an exploited Pixel bootloader which garnered its own CVE, CVE-2024-29745, information disclosure frenzy resulted in yet another high-severity privilege escalation vulnerability, CVE-2024-29748, in the Pixel firmware making the cut for the Pixel Security Bulletin this month.

Leave a Reply

Your email address will not be published. Required fields are marked *