Google's December security bulletin for Pixel and Nexus smartphones lists 42 vulnerabilities that are to be patched in an update.
"All supported Google devices will receive an update to the 2017-12-05 patch level. We encourage all customers to accept these updates to their devices," Google said.
These vulnerabilities are in addition to the bugs listed in Google's December 2017 Android security bulletin. Google notes that its hardware partners were notified of these issues at least a month ago "and may choose to incorporate them as part of their device updates".
Of the Nexus and Pixel-specific bugs, five are listed in the media framework, varying between high and moderate criticality, and featuring elevation of privilege and information disclosure risks.
There is one bug in Broadcom components that's also related to elevation of privilege, nine kernel bugs that involve elevation of privilege and information disclosure (one is high, the rest are moderate), plus one MediaTek-related flaw.
There are also 26 Qualcomm bugs (all moderate) plus four more in closed-source components -- three moderate and one critical.
Google's Android security bulletin for December warns of 47 bugs: 10 of the vulnerabilities are rated 'critical' in their potential impact -- the most severe type of bugs; the other 37 are rated as 'high' priority.
Previous and related coverage
Android's rapid growth and update challenges have left over one billion devices running very out of date software.
Attacks on three fronts ensure attackers have all the information they need to steal banking details in the latest evolution of the Marcher malware, warn researchers.
Google names most popular and best Android apps of the year.
Read more on Android security
- Google names 42 Android devices with users running security updates from last two months
- Android Oreo: Google adds in more Linux kernel security features
- Google Play Protect rolling out to Android devices for better security
- Amazon's app store compromises Android security
- Most Android users running outdated security patches: report (CNET)
- iOS and Android security: A timeline of the highlights and the lowlights (TechRepublic)