Google fixes critical Wi-Fi and media-processing flaws in Android

Google has patched thirteen new vulnerabilities in Android, two of which could allow attackers to take control of Android devices located on the same Wi-Fi network, if they have Broadcom chips.

The two critical vulnerabilities are located in the Broadcom Wi-Fi driver and can be exploited by sending specially crafted wireless control packets to the affected devices. These messages could corrupt the kernel’s memory and allow for the execution of arbitrary code in the kernel — the highest privileged area of the operating system.

These flaws are critical because the attack doesn’t require any user interaction, can be exploited remotely and can lead to a complete device compromise.

To read this article in full or to leave a comment, please click here