Name of the Vulnerable Software and Affected Versions:

Android Runtime (affected versions not specified)

Description:

The Android Runtime contains a use-after-free vulnerability that allows for escaping the Chrome sandbox to attack the Android system server. Successful exploitation could lead to local escalation of privilege without requiring additional execution privileges or user interaction. This vulnerability is under active exploitation, with federal agencies required to patch by September 25th. Approximately an unspecified number of devices are potentially affected worldwide.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.