Security News > 2022 > February > Critical 'remote escalation' flaw in Android 12 fixed in Feb security patch batch
The February edition of Google's monthly Android security update tackles, among other vulnerabilities, an eyebrow-raising critical flaw in Android 12.
This February security patch batch marks the final official update for Google's Pixel 3 smartphones, which launched in October 2018, which is like a century ago for the internet goliath.
As this documentation states, the Pixel 3 and Pixel 3 XL will "No longer receive Android version updates and security updates."
As well as CVE-2021-39675, there are five high-severity vulnerabilities patched by Google in the System component, ranging from elevation-of-privilege flaws in Android 11 and 12 to a denial-of-service in Android 10 and 11.
There's a separate set of patches, dated 2022-02-05, that close a high-severity hole in System; a high-severity hole in Amlogic's Fastboot component; five high-severity bugs in MediaTek code; three in Unisoc code; and 10 high-severity and one critical in Qualcomm code.
Source-level patches for these security holes have been released to the Android Open Source Project.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/02/09/android_security_bulletin/
Related news
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-39675 | Out-of-bounds Write vulnerability in Google Android 12.0 In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |