Google releases Android December 2022 Updates
Google has released December 2022 Android updates with patches for over 75 vulnerabilities, including multiple critical RCE flaws.
The most critical of the bug is CVE-2022-20411, an issue in Android’s system component that could be exploited over Bluetooth.
The next two critical severity RCE flaws tracked as CVE-2022-20472 and CVE-2022-20473 were resolved in the Framework component. Google also patched a critical information disclosure CVE-2022-20498 in the system component.
An additional 35 high-severity vulnerabilities were resolved as part of the 2022-12-05 security patch level, in Kernel, Imagination Technologies, MediaTek, Unisoc, and Qualcomm components.
Devices using a security patch level of 2022-12-05 or newer include patches for all the vulnerabilities above, as well as for those resolved with previous Android security updates.
Overall, 151 Pixel-specific vulnerabilities were resolved this month. Most of the bugs are medium severity escalation of privilege issues, with numerous information disclosure bugs addressed as well.