Google has released its monthly Android security bulletin for March 2023. The bulletin reveals that Google has fixed two severe security vulnerabilities that affect Android system components, one of which can even “execute code remotely without additional permissions.” They are identified as CVE-2023-20951 and CVE-2023-20954. There is currently no information available about the two vulnerabilities.
In addition, the March 2023 Android security bulletin lists the following vulnerabilities:
- Framework: Eight different security issues, all with a high severity level.
- System: 18 different vulnerabilities, with two rated as critical and the remaining 16 rated as high.
- Google Play system updates: Five vulnerabilities.
- Kernel: One vulnerability rated as high severity level.
- MediaTek components: Three listed vulnerabilities, all rated as high severity level.
- UNISOC components: Four vulnerabilities, all rated as high severity level.
- Qualcomm components: Three vulnerabilities, all rated as high severity level.
- Qualcomm closed-source components: 18 different vulnerabilities, with two rated as critical and the remaining 16 rated as high. These two issues are also remote code execution vulnerabilities.
As usual, Google Pixel devices will be the first to receive the March Android security update, and users can manually check for updates in advance.
本文为原创文章,转载需获授权。
微信扫一扫