Google releases March 2023 Android security bulletin: fixes two critical vulnerabilities

Google has released its monthly Android security bulletin for March 2023. The bulletin reveals that Google has fixed two severe security vulnerabilities that affect Android system components, one of which can even “execute code remotely without additional permissions.” They are identified as CVE-2023-20951 and CVE-2023-20954. There is currently no information available about the two vulnerabilities.

In addition, the March 2023 Android security bulletin lists the following vulnerabilities:

  • Framework: Eight different security issues, all with a high severity level.
  • System: 18 different vulnerabilities, with two rated as critical and the remaining 16 rated as high.
  • Google Play system updates: Five vulnerabilities.
  • Kernel: One vulnerability rated as high severity level.
  • MediaTek components: Three listed vulnerabilities, all rated as high severity level.
  • UNISOC components: Four vulnerabilities, all rated as high severity level.
  • Qualcomm components: Three vulnerabilities, all rated as high severity level.
  • Qualcomm closed-source components: 18 different vulnerabilities, with two rated as critical and the remaining 16 rated as high. These two issues are also remote code execution vulnerabilities.

As usual, Google Pixel devices will be the first to receive the March Android security update, and users can manually check for updates in advance.

Google releases March 2023 Android security bulletin: fixes two critical vulnerabilities
(0)
Gustave Agnes的头像Gustave Agnes

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注