The security updates in the Android Security Bulletin for May 2021 address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild.
| CVE | Description |
|---|---|
| CVE-2021-1905 | Use After Free in Graphics. Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. |
| CVE-2021-1906 | Improper handling of address deregistration on failure can lead to new GPU address allocation failure. |
| CVE-2021-28663 | A non-privileged user can make improper operations on GPU memory to enter into a use-after-free scenario and may be able to gain root privilege, and/or disclose information. |
| CVE-2021-28664 | A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes. |
“The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications,” reads the Android Security Bulletin. “There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation.”
The bulletin also addresses three critical issues, tracked as CVE-2021-0473, CVE-2021-0474 and CVE-2021-0475, impacting the System component, and one critical flaw, tracked as CVE-2021-0467, in the AMLogic component.
The critical issues in the System component could be exploited by remote attackers using a specially crafted file to execute arbitrary code within the context of a privileged process.
Android users should install the updates as soon as possible.
(SecurityAffairs – hacking, Android)