Security News > 2020 > February > Android's February 2020 Update Patches Critical System Vulnerabilities
Google this week released the February 2020 set of security updates for the Android operating system, which address a total of 25 vulnerabilities, including 2 rated critical severity.
Tracked as CVE-2020-0022, the first of these bugs is a remote code execution vulnerability that is considered critical only on Android 8.0, 8.1, and 9 devices.
Impacting Android 10 only, the second critical flaw is tracked as CVE-2020-0023 and can lead to information disclosure.
Three of them are elevation of privilege bugs impacting Android 8.0, 8.1, 9, and 10, while the fourth is an information disclosure issue affecting Android 9.
In addition to the issues addressed with the February 2020 Android security updates, Google this month released patches for four other vulnerabilities affecting supported Pixel devices.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2020-0022 | Incorrect Calculation vulnerability in multiple products In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. | 8.8 |
| 2020-02-13 | CVE-2020-0023 | Incorrect Default Permissions vulnerability in Google Android 10.0 In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. | 4.7 |