Preface: Vendor did not describe in details, see whether this is the vulnerability they found?
Background: The Android Runtime (ART) and managed core library (libcore) were part of the Runtime module effort in Android 10 along with the native runtime (Bionic) and ICU.
In Android 11, ART and libcore are packaged as non-updateable APEX. Bionic and ICU (code and data) remain on the platform and are separated from ART to improve updatability.
Vulnerability details: Google has started rolling out April 2023 security update for its mobile operating system platform to address a total of 69 new security vulnerabilities affecting Android devices, 6 of which have been rated critical in severity.
This topic we focus to the following vulnerabilities CVE-2023-21085 and CVE-2023-21096.
Official announcement: For details, please refer to the link – https://source.android.com/docs/security/bulletin/2023-04-01