A pair of critical security vulnerabilities in Google’s Pixel mobile phone line could lead to privilege escalation and device takeover.
The Pixel bugs, tracked as CVE-2022-20231 and CVE-2022-20364, are in the Trust and Kernel components, respectively, according to Google’s Android security advisory.
“For Google devices, security patch levels of 2022-09-05 or later address all issues in this bulletin and all issues in the September 2022 Android Security Bulletin,” Google said in its Pixel patch advisory. “All supported Google devices will receive an update to the 2022-09-05 patch level. We encourage all customers to accept these updates to their devices.”