Android Fixes Vulnerable Vulnerability Under Attack

Google engineers released monthly patches for Android, eliminating a total of 37 flaws in various components of the OS. One of these vulnerabilities was a problem in the Linux kernel, which is already actively used by hackers.

The issue in question was identified by Google last year and is identified as CVE-2021-22600 (CVSS 7.8) and could be used by a local attacker to escalate privileges or cause a denial of service (DoS).

The vulnerability is related to the implementation of the Packet network protocol in the Linux kernel, and can lead to memory corruption, which leads to a denial of service or arbitrary code execution. Patches for this problem were already submitted by developers of various Linux distributions in January of this year, including DebianRed Hat, SUSE, and Ubuntu, but it took longer to prepare a fix for Android.

“There are indications that CVE-2021-22600 may be subject to limited and targeted use,” Google warns”.

The company does not provide any details about the nature of the attacks, but information security experts believe that the vulnerability can be used, for example, to execute privileged commands and spread through Linux systems in corporate networks.

Priyanka Sharma
Priyanka Sharma
Myself Priyanka, a talented and experienced writer with a passion for technology, business, and digital marketing. As a writer, I ensure that each piece of content I produce is of the highest quality. I closely work with ONH Team to deliver high-quality content.

Latest Articles