I don't think this has been publicly admitted. I'm fairly certain for 3 reasons though:

1) Google contributes tons of security fixes to Flash. 2) Google announced they will rework Linux Flash to use PPAPI and make it Chrome only. Adobe seems to have abandoned Linux Flash entirely. Logical conclusion is what Google will do this themselves - and they'll need the source code for that. 3) Android shipped with Flash and Google pushed it as a major feature over iOS. This also points to strong collaboration. Android had Flash very early - much earlier than Adobe could have done it themselves.

I admit I was also trolling here to see if one of the Google security guys (who already posted in other threads regarding this) would bite and deny it - in which case I have an indication to the contrary :-)

I was an engineer on Adobe's Flash team.

Google's Chrome team has full access to Adobe's Flash code. The Chrome team maintains their own Flash builds and releases. That's how they can do things like Pepper, even if Adobe doesn't care about Pepper for other platforms. There have been news stories about Chrome updating their Flash a day or two before Adobe, thus revealing security holes in other browsers' Flash.

Google's Android team, for mysterious lawyery reasons, does not access to any Flash code. Adobe had an army of 10-20 engineers and QA working exclusively on Flash for Android. (This is yet another example that Android's device fragmentation is an expensive problem and requires lots of manpower.)

The source code for Flash is not exactly a closely guarded secret, there are quite a few companies that have licenses to it. I'd be shocked if Google wasn't one of them.

Google is rich beyond the dreams of mortal men (quoting patio11). Money can buy access to source code. Not an excuse.