Recently, Google released the Android patch in July 2018, which solved 44 vulnerabilities in the operating system.
It is understood that these 44 vulnerabilities include Framework, Media Framework, Kernel and Qualcomm components, as well as Qualcomm, closed source component problems, where the fatal weakness is remote code execution, other vulnerabilities include information disclosure, denial of service and escalation. The most severe vulnerability number affecting the framework, CVE-2018-9433, affects Kernel’s most severe vulnerability number CVE-2018-9365, affecting the most severe vulnerability number of the Media Framework component, CVE-2018-9411.
The affected versions of Android are widely available, including Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1.
The most serious of these problems is a fatal vulnerability in the Media framework that allows remote attackers to execute arbitrary code in the context of a privileged process using specially crafted files.
More information found in this Android Security Bulletin report.