Google repairs 2 Android zero-days utilized in targeted attacks
Google repaired 2 actively made use of Android zero-day defects as part of its November security updates, dealing with an overall of 51 vulnerabilities.
Tracked as CVE-2024-43047 and CVE-2024-43093, the 2 problems are marked as made use of in restricted, targeted attacks.
"There are indicators that the following might be under minimal, targeted exploitation," states Google's advisory.
The CVE-2024-43047 defect is a high-severity use-after-free problem in closed-source Qualcomm parts within the Android kernel that raises benefits.
The defect was initially divulged in early October 2024 by Qualcomm as an issue in its Digital Signal Processor (DSP) service.
CVE-2024-43093 is likewise a high-severity elevation of advantage defect, this time affecting the Android Framework part and Googl...