Security News > 2022 > December > Android December 2022 security updates fix 81 vulnerabilities
2022-12-06 16:36
Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth.
CVE-2022-20472 - Remote code execution flaw in Android Framework, impacting Android versions 10 to 13.
CVE-2022-20473 - Remote code execution flaw in Android Framework, impacting Android versions 10 to 13.
CVE-2022-20411 - Remote code execution flaw in Android System, impacting Android versions 10 to 13.
CVE-2022-20498 - Information disclosure flaw in Android System, impacting Android versions 10 to 13.
If your device no longer receives monthly Android security updates or uses Android 9 or older, you are officially out of support.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-20498 | Out-of-bounds Read vulnerability in Google Android In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. | 4.4 |
| 2022-12-13 | CVE-2022-20473 | Out-of-bounds Read vulnerability in Google Android In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. | 9.8 |
| 2022-12-13 | CVE-2022-20472 | Out-of-bounds Read vulnerability in Google Android In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. | 9.8 |
| 2022-12-13 | CVE-2022-20411 | Out-of-bounds Write vulnerability in Google Android In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. | 8.8 |