Advisory

Google releases April 2024 patch for Android, including fixing critical flaw for Qualcomm chips

Take action: Important update for users with Qualcomm chips in their Android phones. Depending on the vendor, you might wait for some weeks before the update is released for your phone.


Learn More

Google has released its Android patch for April 2024, addressing one critical vulnerability alongside 27 other security issues.

The critical flaw is tracked as CVE-2023-28582 (CVSS score 9.8) and impacts devices with Qualcomm chipsets, exposing them to potential remote attacks. This specific vulnerability is associated with a security loophole in the data modem, which could be exploited to perform a buffer overflow during the DTLS protocol handshake verification process.

Additionally, the Android operating system itself was found to contain a high-priority vulnerability that could be exploited by malicious applications to escalate their permissions without any user intervention, thereby gaining access to data or performing actions that exceed their given privileges. This issue highlights the importance of rigorous security practices and the need for continuous updates and patches.

The April security update covers Android versions 12, 12L, 13, and 14. Devices that receive the April updates are set at patch levels “2024-04-01” or “2024-04-05,” which indicates that the vulnerabilities addressed are fully patched as of these versions.
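To see where a device or a fleet stands against these two patch levels, the following added example (not part of the original advisory) classifies a reported security patch level and lists devices that have not reached 2024-04-05. The inventory format and device names are constructed for illustration; `ro.build.version.security_patch` is the standard Android property that holds the patch level.

```shell
#!/bin/sh
# Added example: classify Android security patch levels against the two
# levels named in the April 2024 bulletin (2024-04-01 and 2024-04-05).

# classify_patch_level YYYY-MM-DD -> prints one of:
#   below-2024-04-01 | at-least-2024-04-01 | at-or-above-2024-04-05 | invalid
classify_patch_level() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "invalid"; return 0 ;;   # empty, truncated or non-date value
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    n=$(printf '%s' "$1" | tr -d '-')
    if [ "$n" -ge 20240405 ]; then
        echo "at-or-above-2024-04-05"
    elif [ "$n" -ge 20240401 ]; then
        echo "at-least-2024-04-01"
    else
        echo "below-2024-04-01"
    fi
}

# audit_inventory: reads "device-id patch-level" lines on stdin and prints
# every device that has not reached 2024-04-05, with its classification.
audit_inventory() {
    while read -r id level; do
        [ -n "$id" ] || continue
        status=$(classify_patch_level "$level")
        [ "$status" = "at-or-above-2024-04-05" ] || echo "$id $level $status"
    done
}

# Constructed sample inventory (hypothetical device names).
SAMPLE_INVENTORY='pixel-lab-01 2024-04-05
tablet-kiosk-07 2024-04-01
handset-field-12 2024-02-05
handset-field-13 unknown'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory

# For a device attached over adb (the tr strips a trailing carriage return):
#   classify_patch_level "$(adb shell getprop ro.build.version.security_patch | tr -d '\r')"
```

Devices reported as `invalid` should be treated as unpatched until their patch level can be read.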

The next step is for manufacturers to integrate these patches into their updates and distribute them to users to ensure the security of their devices.

For detailed information and specific patch notes, the Android Security Bulletin for April 2024 is available here.
