Security News > 2023 > July > Google: Android patch gap makes n-days as dangerous as zero-days
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods.
Once Google learns about it, it becomes an n-day, with the n reflecting the number of days since it became publicly known.
Google warns that attackers can use n-days to attack unpatched devices for months, using known exploitation methods or devising their own, despite a patch already being made available by Google or another vendor.
This is caused by patch gaps, where Google or another vendor fixes a bug, but it takes months for a device manufacturer to roll it out in their own versions of Android.
In 2022, many issues of this kind impacted Android, most notably CVE-2022-38181, a vulnerability in the ARM Mali GPU. This flaw was reported to the Android Security team in July 2022, deemed as "Won't fix," patched by ARM in October 2022, and finally incorporated in the Android April 2023 security update.
Even after Google releases the Android security update, it takes device vendors up to three months to make the fixes available for supported models, giving attackers yet another window of exploitation opportunity for specific devices.
News URL
Related news
- Google fixes Android kernel zero-day exploited in attacks (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-38181 | Use After Free vulnerability in ARM products The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. | 8.8 |