Google addresses 4 zero-day flaws in Android exploited in the wild

Pierluigi Paganini May 19, 2021

Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the wild.

Android Security Bulletin for May 2021 security updates address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild.

The four vulnerabilities impact Qualcomm GPU and Arm Mali GPU Driver components, according to Google Project Zero researchers the attacks exploiting them targeted a limited number of users.

CVE-2021-1905Use After Free in Graphics. Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.
CVE-2021-1906Improper handling of address deregistration on failure can lead to new GPU address allocation failure.
CVE-2021-28663A non-privileged user can make improper operations on GPU memory to enter into a use-after-free scenario and may be able to gain root privilege, and/or disclose information.
CVE-2021-28664A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes.

“The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.” reads the Android Security Bulletin. “There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation.”

Android addresses three critical issues, tracked as CVE-2021-0473, CVE-2021-0474, CVE-2021-0475 impacting the System component and one critical flaw tracked as CVE-2021-0467 in the AMLogic.

The critical issues in the System component could be exploited by remote attackers using a specially crafted file to execute arbitrary code within the context of a privileged process.

Android users should install the updates as soon as possible.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Android)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment