Google has issued an urgent security update to patch a severe zero-day flaw in Android that hackers are actively exploiting. The vulnerability, tracked as CVE-2024-36971, is in the mobile operating system’s kernel and allows attackers to execute code remotely with system privileges. This can lead to unauthorized installation of malware.
The flaw is related to the “__dst_negative_advice()” kernel function, which failed to enforce a crucial synchronization mechanism called Read-Copy Update (RCU). This oversight results in a use-after-free vulnerability, where freed memory locations are re-accessed, causing memory corruption and potential system manipulation.
Google learned of the flaw through security researcher Clément Lecigne, known for uncovering vulnerabilities used by surveillance companies. The limited, targeted exploitation hints at sophisticated attackers, possibly state-sponsored or commercial spyware vendors, aiming at high-profile targets.
Google has begun distributing the patch in the 2024-08-05 security update. To safeguard their devices, users are advised to install this update promptly to protect against potential attacks.
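To confirm that a device has actually received the update, compare its reported security patch level with 2024-08-05. The script below is an added example, not from Google or the original article; the device serials and inventory lines are constructed, and the helper names `patch_status`, `audit_inventory` and `sample_inventory` are hypothetical.

```shell
#!/bin/sh
# Added example: classify Android security patch levels against the
# 2024-08-05 level named in the article. On a real device the value is read with:
#   adb shell getprop ro.build.version.security_patch
REQUIRED_LEVEL="2024-08-05"

# patch_status LEVEL -> prints "patched", "needs-update" or "unknown"
patch_status() {
    level=$(printf '%s' "$1" | tr -d '\r')   # adb output may end in a CR
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "unknown"; return 0 ;;         # empty or malformed value
    esac
    # Zero-padded YYYY-MM-DD values compare correctly as integers without dashes.
    have=$(printf '%s' "$level" | tr -d '-')
    need=$(printf '%s' "$REQUIRED_LEVEL" | tr -d '-')
    if [ "$have" -ge "$need" ]; then
        echo "patched"
    else
        echo "needs-update"
    fi
}

# audit_inventory: reads "SERIAL LEVEL" lines on stdin and prints every device
# that is not confirmed patched, as "SERIAL LEVEL STATUS".
audit_inventory() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        status=$(patch_status "$level")
        [ "$status" = "patched" ] || echo "$serial ${level:-none} $status"
    done
}

# Constructed inventory. Note the 2024-08-01 device: it reports an August
# patch level but is still below the 2024-08-05 level that carries the fix.
sample_inventory() {
    cat <<'EOF'
emulator-5554 2024-08-05
R58M000001 2024-08-01
R58M000002 2024-07-05
R58M000003 2024-09-01
R58M000004
EOF
}

sample_inventory | audit_inventory
```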