Android’s June 2024 security update resolves 37 vulnerabilities, including high-severity flaws in Framework and System.
Google this week started rolling out the June 2024 set of monthly security updates for Android, with patches for 37 vulnerabilities, including multiple high-severity elevation of privilege bugs.
The first part of this month’s security update, which arrives on devices as the 2024-06-01 security patch level, resolves 19 flaws in the Framework and System components.
“The most severe of these issues is a high security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed,” Google notes in its advisory.
A total of seven security defects were addressed in the System component this month, all leading to elevation of privilege. Of the 12 issues resolved in Framework, ten are elevation of privilege bugs, one leads to information disclosure, and one to denial of service.
The second part of the update arrives on devices as the 2024-06-05 security patch level and addresses an additional 18 vulnerabilities in Kernel, Imagination Technologies, and Arm, MediaTek, and Qualcomm components. Three of the Qualcomm-specific flaws are critical.
Devices running a security patch level of 2024-06-05 contain fixes for all these bugs, as well as for security defects addressed with previous patch levels.
This week, Google also announced patches for three other vulnerabilities in the Framework and System components of Wear OS. The Wear OS update also includes all the fixes delivered with the Android 2024-06-05 security patch level.
The June 2024 Android Automotive OS (AAOS) security bulletin, on the other hand, contains no new AAOS patches, but the AAOS update contains Android’s 2024-06-05 security patch level fixes.
No June 2024 security bulletins have been published for Pixel and Pixel Watch devices yet.
Google makes no mention of any of the vulnerabilities addressed with this month’s security updates being exploited in the wild. Users are advised to update their devices as soon as possible.