Android Family August 2024 Routine Security Update Advisory

Overview

Android has released an update to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.

Affected Products

CVE-2024-23381, CVE-2024-23382, CVE-2024-23383, CVE-2024-23384, CVE-2024-33010, CVE-2024-33011, CVE-2024-33012, CVE-2024-33013, CVE-2024-33014, CVE-2024-33015, CVE-2024-33018, CVE-2024-33019, CVE-2024-33020, CVE-2024-33023, CVE-2024-33024, CVE-2024-33025, CVE-2024-33026, CVE-2024-33027, CVE-2024-33028

See “Qualcomm Components” in the reference site[1]

Cve-2024-21481, cve-2024-23352, cve-2024-23353, cve-2024-23355, cve-2024-23356

See “Qualcomm Closed Source Components” in the reference site [1]

Resolved Vulnerabilities

Memory corruption if memory mapped to a VBO is not unmapped by the GPU SMMU (CVE-2024-23381)
Memory corruption while handling graphics kernel driver requests for DMA fence creation (CVE-2024-23382)
Memory corruption when a kernel driver attempts to trigger a hardware fence (CVE-2024-23383)
Memory corruption if a mapped page in a VBO remains mapped after the Shrinker is reclaimed (CVE-2024-23384)
Transient DOS while parsing a portion of the MBSSID IE in a beacon frame (CVE-2024-33010)
Transient DOS vulnerability if the MBSSID IE length is zero while parsing the MBSSID IE in the beacon (CVE-2024-33011)
While parsing multiple MBSSID IEs in a beacon, a transient DOS occurs when the tag length is a non-zero value but the beacon ends (CVE-2024-33012)
Transient DOS when the driver accesses ML IE memory and the offset value is incremented beyond the ML IE length (CVE-2024-33013)
Transient DOS vulnerability while parsing ESP IEs in beacon/probe response frames (CVE-2024-33014)
Transient DOS vulnerability while parsing SCAN RNR IEs if the bytes received from the AP are smaller than the last parameter size of the IE in the neighbor report (CVE-2024-33015)
Transient DOS vulnerability while parsing a received TID-to-link mapping element in a TID-to-link mapping task frame (CVE-2024-33018)
Transient DOS vulnerability while parsing received TID-to-Link mapping task frames (CVE-2024-33019)
Transient DOS vulnerability while processing TID-to-Link mapping IE elements (CVE-2024-33020)
Memory corruption while waiting for a timeline event and creating a fence that simultaneously signals a timeline event (CVE-2024-33023)
A vulnerability that causes a transient DOS while parsing ML IE if a beacon with a length field within ML IE’s common information is larger than ML IE length (CVE-2024-33024)
A transient DOS vulnerability while parsing the BSS parameter change count or MLD capability field in ML IE (CVE-2024-33025)
Transient DOS while parsing probe response and connection response frames when the received frame length is less than the maximum size of the timestamp (CVE-2024-33026)
Memory corruption could occur if an arbitrary userspace app gained kernel-level privileges to modify DDR memory by corrupting the GPU page table (CVE-2024-33027)
Memory corruption due to continued access to fenced objects in timeline destruction even after the isync fence is cleared (CVE-2024-33028)
Memory corruption while preparing shared memory notifications for memparcel in Resource Manager (CVE-2024-21481)
Vulnerability where a NAS receives an ODAC criterion of length 1 and type 1 upon registration, which causes a transient DOS and allows OTA (CVE-2024-23352)
When IEI is set to ESM_IEI, a vulnerability that causes a transient DOS while decoding a connection reject message received by the UE (CVE-2024-23353)
Memory corruption when fetching a shared key in a keymaster operation (CVE-2024-23355)
Memory corruption during session signature renewal request calls in HLOS (CVE-2024-23356)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.