Google has published this month’s Android security bulletin, and the company provided a fix for the KRACK vulnerability that came to light last month. The Android Security Bulletin for November 2017 is split as three separate packages: 2017-11-01, 2017-11-05, and 2017-11-06. The KRACK fixes are included in the latter, 2017-11-06.



Google also patched other security bugs as part of the November 2017 Android Security Bulletin. These include five remote code execution bugs in the Media framework that allow attackers to take over devices via malformed multimedia files. In addition, the security bulletin also includes fixes for six bugs reported by security researcher Scotty Bauer. The bugs (also remote code execution flaws) affect the Qualcomm WLAN component.

Discussion

Source: [H]ardOCP – Google Patches KRACK WPA2 Vulnerability in Android