The July Android Security Bulletin tackles 44 vulnerabilities in all, with the bulk rated high in severity. The most severe of the vulnerabilities patched is a critical flaw in the Android OS Media framework. If exploited, a remote attacker could use a specially crafted file and execute arbitrary code within the context of a privileged process, Google said. The vulnerabilities varied from OS framework to Media framework bugs, including system and kernel component-related issues. A separate July Security Bulletin was released for the Pixel and Nexus handsets by Google.
Source: https://threatpost.com/google-patches-critical-remote-code-execution-bugs-in-android-os/133747/