Google specialists have released security updates for Android versions 10, 11 and 12 for March 2022, eliminating three critical vulnerabilities. One of the problems affects all devices running the latest version of the mobile OS.
One of the problems (CVE-2021-39708) is contained in the Android System component and is a privilege escalation vulnerability that does not require user interaction or additional execution privileges. Two other critical vulnerabilities (CVE-2021-1942 and CVE-2021-35110) affect closed source components on Qualcomm-based devices.
No additional technical details have been published about any of the fixed vulnerabilities, as this will put at risk users who have not yet applied the fixes.
In addition to these problems, the security update for March 2022 has been fixed:
- 1 privilege escalation vulnerability in the Android runtime 12;
- 5 Privilege Escalation vulnerabilities in Android Framework (versions 10, 11, 12);
- 2 DoS vulnerabilities in Android Framework (version 12);
- 1 vulnerability of information disclosure in the Media Framework (versions 10, 11, 12);
- 8 privilege escalation vulnerabilities in System (versions 10, 11, 12);
- 1 vulnerability of information disclosure in System (versions 10, 11, 12);
- 4 problems of privilege escalation in the kernel;
- 1 vulnerability of information disclosure in the core;
- 3 vulnerabilities in MediaTek components;
- 10 dangerous problems in Qualcomm components.