Google engineers have released the monthly Android patches, fixing a total of 37 flaws in various components of the OS. One of these vulnerabilities is a Linux kernel bug that attackers are already actively exploiting.
The issue was discovered by Google last year and is tracked as CVE-2021-22600 (CVSS 7.8). A local attacker could use it to escalate privileges or cause a denial of service (DoS).
The vulnerability is in the Linux kernel's implementation of the Packet network protocol and can lead to memory corruption, which in turn can result in a denial of service or arbitrary code execution. Patches for this problem were already released in January of this year by developers of various Linux distributions, including Debian, Red Hat, SUSE, and Ubuntu, but it took longer to prepare a fix for Android.
“There are indications that CVE-2021-22600 may be subject to limited and targeted use,” Google warns.
The company does not provide any details about the nature of the attacks, but information security experts believe that the vulnerability can be used, for example, to execute privileged commands and spread through Linux systems in corporate networks.