Google announced on Tuesday the first Android security updates for 2023, which patch a total of 60 vulnerabilities.
The first part of the update, which arrives on devices as the 2023-01-01 security patch level, addresses 19 security defects in the Framework and System components.
“The most severe of these issues is a high security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed,” Google notes in its advisory.
The second part of this month’s security update, which arrives on devices as the 2023-01-05 security patch level, addresses 41 vulnerabilities in Kernel and third-party components.
The most important of these vulnerabilities are four critical-severity flaws in Kernel and Kernel components, all leading to remote code execution (RCE). Two high-severity elevation of privilege bugs were also addressed in Kernel and Kernel components.
The 2023-01-05 security patch level also fixes vulnerabilities in Kernel LTS (1 bug), Imagination Technologies components (1), MediaTek components (3), Unisoc components (13), Qualcomm components (2), and Qualcomm closed-source components (15).
