From securityweek.com
Google this week released the May 2020 security patches for the Android operating system, which address several critical vulnerabilities, including one affecting the System component.
A total of 39 vulnerabilities were patched with the release, split into two parts: 15 received fixes as part of the 2020-05-01 security patch level, and 24 addressed with the 2020-05-05 security patch level.
Tracked as CVE-2020-0103, the most important of these vulnerabilities resides in Android System and was found to impact Android 9 and Android 10.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process,” Google notes in its advisory.
The issue was addressed as part of the 2020-05-01 security patch level, along with seven other System bugs: four high severity elevation of privilege flaws, two high risk information disclosure issues, and one moderate severity information disclosure.