Google fixed a high-severity kernel vulnerability reportedly under active exploitation in its latest batch of security updates for Android.
The bug sits in the Linux kernel's USB Video Class driver (uvcvideo), which Android devices inherit from the upstream kernel. Left unpatched, it gives an attacker with physical access to the device a path to kernel memory corruption, and from there to privilege escalation or a crash.
In-depth details of the bug, tracked as CVE-2024-53104 with a CVSS score of 7.8, are yet to be released. What we do know is that the driver's format parser accepts frame descriptors of type UVC_VS_UNDEFINED even though those descriptors were never counted when the driver sized its frames buffer, so parsing them writes past the end of that buffer. In other words, it makes the kernel write data beyond the memory it allocated.
“In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format,” reads the vulnerability’s description. “This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.”
The fix is to skip frame descriptors of that type during parsing so that the parser never writes more entries than the sizing pass accounted for; that upstream kernel change is what Google's latest Android update ships.
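To make the two-pass mismatch concrete, here is an added example that is not the kernel's code or Google's patch: a cut-down C model of the descriptor walk. Pass one (standing in for uvc_parse_streaming) counts only frame descriptors of known subtypes to size the frames array; pass two (standing in for uvc_parse_format) fills one slot per descriptor whose subtype matches the frame type expected after each format descriptor. The model assumes, as a simplification, that one format subtype (DV is used here) has no dedicated frame subtype and so leaves the expected frame type at UVC_VS_UNDEFINED (0), which is how a trailing descriptor with subtype 0 can be "parsed as a frame" that was never counted. The descriptor bytes, the 3-byte descriptor layout, MAX_SLOTS and the function names are all constructed for the example; rather than really writing out of bounds, the model records that the write would have overrun the sized array.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Added example: a simplified model of uvcvideo's two-pass descriptor
 * walk, not the kernel's own code. Subtype values are the UVC
 * video-streaming interface descriptor subtypes; each descriptor in the
 * model is [bLength, bDescriptorType, bDescriptorSubtype] (3 bytes). */
#define USB_DT_CS_INTERFACE         0x24
#define UVC_VS_UNDEFINED            0x00
#define UVC_VS_FORMAT_UNCOMPRESSED  0x04
#define UVC_VS_FRAME_UNCOMPRESSED   0x05
#define UVC_VS_FORMAT_MJPEG         0x06
#define UVC_VS_FRAME_MJPEG          0x07
#define UVC_VS_FORMAT_DV            0x0c

#define MAX_SLOTS 8   /* hypothetical upper bound for the model's array */

struct parse_result {
    size_t sized;    /* frame slots the sizing pass allocated */
    size_t written;  /* frame slots the parsing pass tried to fill */
    bool overflow;   /* written > sized: the out-of-bounds write */
};

/* Pass 1 (models uvc_parse_streaming): count frame descriptors of the
 * known frame subtypes to size the frames array. Descriptors with
 * subtype UVC_VS_UNDEFINED are not counted. */
static size_t count_known_frames(const uint8_t *buf, size_t len)
{
    size_t n = 0;
    while (len > 2 && buf[0] >= 3 && buf[0] <= len) {
        if (buf[1] == USB_DT_CS_INTERFACE &&
            (buf[2] == UVC_VS_FRAME_UNCOMPRESSED ||
             buf[2] == UVC_VS_FRAME_MJPEG))
            n++;
        len -= buf[0];
        buf += buf[0];
    }
    return n;
}

/* Frame subtype expected after a format descriptor. The model assumes a
 * format with no dedicated frame subtype (DV here) leaves this at 0. */
static uint8_t frame_type_for(uint8_t format_subtype)
{
    switch (format_subtype) {
    case UVC_VS_FORMAT_UNCOMPRESSED: return UVC_VS_FRAME_UNCOMPRESSED;
    case UVC_VS_FORMAT_MJPEG:        return UVC_VS_FRAME_MJPEG;
    default:                         return UVC_VS_UNDEFINED;
    }
}

/* Pass 2 (models uvc_parse_format): after each format descriptor, fill
 * one slot per following descriptor whose subtype equals the expected
 * frame type. With skip_undefined == false, an expected type of
 * UVC_VS_UNDEFINED matches subtype-0 descriptors that pass 1 never
 * counted. The model flags the overrun instead of performing it. */
struct parse_result parse_frames(const uint8_t *buf, size_t len,
                                 bool skip_undefined)
{
    struct parse_result r = { count_known_frames(buf, len), 0, false };
    uint8_t slots[MAX_SLOTS];

    while (len > 2 && buf[0] >= 3 && buf[0] <= len) {
        uint8_t sub = buf[2];
        bool is_format = buf[1] == USB_DT_CS_INTERFACE &&
                         (sub == UVC_VS_FORMAT_UNCOMPRESSED ||
                          sub == UVC_VS_FORMAT_MJPEG ||
                          sub == UVC_VS_FORMAT_DV);
        len -= buf[0];
        buf += buf[0];
        if (!is_format)
            continue;

        uint8_t ftype = frame_type_for(sub);
        if (skip_undefined && ftype == UVC_VS_UNDEFINED)
            continue;   /* the hardened behaviour: skip undefined frames */

        while (len > 2 && buf[0] >= 3 && buf[0] <= len &&
               buf[1] == USB_DT_CS_INTERFACE && buf[2] == ftype) {
            if (r.written < r.sized && r.written < MAX_SLOTS)
                slots[r.written] = buf[2];
            else
                r.overflow = true;   /* the kernel would write OOB here */
            r.written++;
            len -= buf[0];
            buf += buf[0];
        }
    }
    (void)slots;
    return r;
}

/* Constructed descriptor set: an uncompressed format with one frame, then
 * a DV format followed by a descriptor of subtype UVC_VS_UNDEFINED. */
static const uint8_t sample_desc[] = {
    3, USB_DT_CS_INTERFACE, UVC_VS_FORMAT_UNCOMPRESSED,
    3, USB_DT_CS_INTERFACE, UVC_VS_FRAME_UNCOMPRESSED,
    3, USB_DT_CS_INTERFACE, UVC_VS_FORMAT_DV,
    3, USB_DT_CS_INTERFACE, UVC_VS_UNDEFINED,
};

struct parse_result parse_sample(bool skip_undefined)
{
    return parse_frames(sample_desc, sizeof sample_desc, skip_undefined);
}
```

Running `parse_sample(false)` on the constructed descriptors sizes one slot but attempts two writes, which is the overrun; `parse_sample(true)` applies the skip and stays within the single sized slot. The general lesson is the one a reviewer should look for in any two-pass parser: the filter used to size the output must be at least as strict as the filter used to fill it, or a device-supplied input can drive the second pass past the first pass's bound.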
The vulnerable driver handles USB video devices such as webcams, transcoders, still-image cameras, analog video converters, and digital camcorders, which is why the malformed input reaches the kernel through a plugged-in device rather than over the network.
Google said in its advisory that “there are indications that CVE-2024-53104 may be under limited, targeted exploitation.” Because the bug is triggered by the descriptors a USB device presents, exploiting it requires physical access, for example by plugging malicious hardware into an unlocked or otherwise reachable device.
In a successful attack, the flaw allows physical escalation of privilege with no additional execution privileges needed: an attacker can use the out-of-bounds write to crash the kernel or, with more work, run code at kernel level and take control of the device.
Installing the latest Android security update is the only direct fix for a kernel bug like this one, so keeping your device on the current security patch level remains the single most important step.
Dedicated software like Bitdefender Mobile Security for Android can also help you stay one step ahead of malicious actors. It includes app anomaly detection, a malware scanner, web protection, scam alerts, anti-theft, privacy protection, and a built-in VPN.
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.