Security News > 2022 > December > Android December 2022 security updates fix 81 vulnerabilities

Android December 2022 security updates fix 81 vulnerabilities
2022-12-06 16:36

Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth.

CVE-2022-20472 - Remote code execution flaw in Android Framework, impacting Android versions 10 to 13.

CVE-2022-20473 - Remote code execution flaw in Android Framework, impacting Android versions 10 to 13.

CVE-2022-20411 - Remote code execution flaw in Android System, impacting Android versions 10 to 13.

CVE-2022-20498 - Information disclosure flaw in Android System, impacting Android versions 10 to 13.

If your device no longer receives monthly Android security updates or uses Android 9 or older, you are officially out of support.


News URL

https://www.bleepingcomputer.com/news/security/android-december-2022-security-updates-fix-81-vulnerabilities/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-20498 Out-of-bounds Read vulnerability in Google Android
In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check.
local
low complexity
google CWE-125
4.4
4.4
2022-12-13 CVE-2022-20473 Out-of-bounds Read vulnerability in Google Android
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check.
network
low complexity
google CWE-125
critical
 9.8
9.8
2022-12-13 CVE-2022-20472 Out-of-bounds Read vulnerability in Google Android
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check.
network
low complexity
google CWE-125
critical
 9.8
9.8
2022-12-13 CVE-2022-20411 Out-of-bounds Write vulnerability in Google Android
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
8.8
8.8