Security News > 2022 > February > Critical 'remote escalation' flaw in Android 12 fixed in Feb security patch batch
The February edition of Google's monthly Android security update tackles, among other vulnerabilities, an eyebrow-raising critical flaw in Android 12.
This February security patch batch marks the final official update for Google's Pixel 3 smartphones, which launched in October 2018, which is like a century ago for the internet goliath.
As this documentation states, the Pixel 3 and Pixel 3 XL will "No longer receive Android version updates and security updates."
As well as CVE-2021-39675, there are five high-severity vulnerabilities patched by Google in the System component, ranging from elevation-of-privilege flaws in Android 11 and 12 to a denial-of-service in Android 10 and 11.
There's a separate set of patches, dated 2022-02-05, that close a high-severity hole in System; a high-severity hole in Amlogic's Fastboot component; five high-severity bugs in MediaTek code; three in Unisoc code; and 10 high-severity and one critical in Qualcomm code.
Source-level patches for these security holes have been released to the Android Open Source Project.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/02/09/android_security_bulletin/
Related news
- The ongoing evolution of the CIS Critical Security Controls (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- 7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now (source)
- Asus lets processor security fix slip out early, AMD confirms patch in progress (source)
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-39675 | Out-of-bounds Write vulnerability in Google Android 12.0 In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |