CISA warns govt agencies to patch actively exploited Android driver

CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month's Android security updates.

The flaw (tracked as CVE-2021-29256) is a use-after-free weakness that can let attackers escalate to root privileges or gain access to sensitive information on targeted Android devices by allowing improper operations on GPU memory.

"A non-privileged user can make improper operations on GPU memory to gain access to already freed memory and may be able to gain root privilege, and/or disclose information," Arm's advisory reads.

"This issue is fixed in Bifrost and Valhall GPU Kernel Driver r30p0 and fixed in Midgard Kernel Driver r31p0 release. Users are recommended to upgrade if they are impacted by this issue."

With this month's security updates for the Android operating system, Google patched two more security flaws tagged as being exploited in attacks.

CVE-2023-26083 is a medium-severity memory leak flaw in the Arm Mali GPU driver that was leveraged in December 2022 as part of an exploit chain that delivered spyware to Samsung devices.

A third vulnerability, tracked as CVE-2023-2136 and rated as critical severity, is an integer overflow bug found in Google's Skia, an open-source multi-platform 2D graphics library. Notably, Skia is used by the Google Chrome web browser, where it was addressed in April as a zero-day bug.

Federal agencies ordered to secure Android devices within 3 weeks

U.S. Federal Civilian Executive Branch (FCEB) agencies have been given until July 28th to secure their devices against attacks targeting the CVE-2021-29256 vulnerability, which was added to CISA's Known Exploited Vulnerabilities catalog today.

According to the binding operational directive (BOD 22-01) issued in November 2021, federal agencies are required to thoroughly assess and remediate any security flaws listed in CISA's KEV catalog.

Although the catalog primarily focuses on U.S. federal agencies, it is also strongly recommended that private companies prioritize and patch all vulnerabilities listed in CISA's catalog.

"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA warned today.

Earlier this week, the cybersecurity agency warned that the attackers behind the TrueBot malware operation are exploiting a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software for initial access to targets' networks.

One week earlier, CISA also warned of distributed denial-of-service (DDoS) attacks targeting U.S. organizations across multiple industry sectors.