Android Security Bulletin—March 2023

Topic

New Reply

https://source.android.com/docs/security/bulletin/2023-03-01

CVE-2023-20906 A-221040577 EoP High 11, 12, 12L, 13
CVE-2023-20911 A-242537498 EoP High 11, 12, 12L, 13
CVE-2023-20917 A-242605257 EoP High 11, 12, 12L, 13
CVE-2023-20947 A-237405974 EoP High 12, 12L, 13
CVE-2023-20963 A-220302519 EoP High 11, 12, 12L, 13
CVE-2023-20956 A-240140929 ID High 12, 12L, 13
CVE-2023-20958 A-254803162 ID High 13
CVE-2023-20964 A-238177121 DoS High 12, 12L, 13

CVE-2023-20951 A-258652631 RCE Critical 11, 12, 12L, 13
CVE-2023-20954 A-261867748 RCE Critical 11, 12, 12L, 13
CVE-2023-20926 A-253043058 EoP High 12, 12L, 13
CVE-2023-20931 A-242535997 EoP High 11, 12, 12L, 13
CVE-2023-20936 A-226927612 EoP High 11, 12, 12L, 13
CVE-2023-20953 A-251778420 EoP High 13
CVE-2023-20955 A-258653813 EoP High 11, 12, 12L, 13
CVE-2023-20957 A-258422561 EoP High 11, 12, 12L
CVE-2023-20959 A-249057848 EoP High 13
CVE-2023-20960 A-250589026 EoP High 12L, 13
CVE-2023-20966 A-242299736 EoP High 11, 12, 12L, 13
CVE-2022-4452 A-251802307 ID High 13
CVE-2022-20467 A-225880741 ID High 11, 12, 12L, 13
CVE-2023-20929 A-234442700 ID High 13
CVE-2023-20952 A-186803518 ID High 11, 12, 12L, 13
CVE-2023-20962 A-256590210 ID High 13
CVE-2022-20499 A-246539931 DoS High 12, 12L, 13
CVE-2023-20910 A-245299920 DoS High 11, 12, 12L, 13

CVE-2021-33655 A-240019719
Upstream kernel [2] [3] EoP High Frame Buffer

CVE-2023-20620 A-264149248
M-ALPS07554558 * High adsp
CVE-2023-20621 A-264208866
M-ALPS07664755* High tinysys
CVE-2023-20623 A-264209787
M-ALPS07559778 * High ion

CVE-2022-47459 A-264598465
U-2032124 * High Kernel
CVE-2022-47461 A-264834026
U-2066617 * High system
CVE-2022-47462 A-264834568
U-2066754 * High system
CVE-2022-47460 A-264831217
U-2044606 * High Kernel

CVE-2022-22075 A-193434313
QC-CR#3129138
QC-CR#3112398 [2] [3] High Display
CVE-2022-40537 A-261468700
QC-CR#3278869 [2] [3] [4] High Bluetooth
CVE-2022-40540 A-261470730
QC-CR#3280498 High Kernel

CVE-2022-33213 A-238106224 * Critical Closed-source component
CVE-2022-33256 A-245402790 * Critical Closed-source component
CVE-2022-25655 A-261469326 * High Closed-source component
CVE-2022-25694 A-235102547 * High Closed-source component
CVE-2022-25705 A-235102507 * High Closed-source component
CVE-2022-25709 A-235102420 * High Closed-source component
CVE-2022-33242 A-245402503 * High Closed-source component
CVE-2022-33244 A-245402728 * High Closed-source component
CVE-2022-33250 A-245403450 * High Closed-source component
CVE-2022-33254 A-245403473 * High Closed-source component
CVE-2022-33272 A-245403311 * High Closed-source component
CVE-2022-33278
A-245402730 * High Closed-source component
CVE-2022-33309 A-261468683 * High Closed-source component
CVE-2022-40515 A-261469638 * High Closed-source component
CVE-2022-40527 A-261470448 * High Closed-source component
CVE-2022-40530 A-261471028 * High Closed-source component
CVE-2022-40531 A-261469091 * High Closed-source component
CVE-2022-40535 A-261470732 * High Closed-source component…

1 user thanked author for this post.

Fred

Reply | Quote

Replies

Thanks Alex.

For users of Pixel phones that are still eligible for updates, this will be the third security and minor bug update of the year.

https://support.google.com/pixelphone/community?hl=en

Second update

https://support.google.com/pixelphone/thread/200738915

1 user thanked author for this post.

Fred

Reply | Quote

For none Pixel phones the majority won’t get the updates.

Reply | Quote

Report:  OTA March security and minor features update within the last couple of days for Pixel 6A on TMobile USA

Reply | Quote