Google squashes Android zero‑day bug exploited in targeted attacks
Information about Google squashes Android zero‑day bug exploited in targeted attacks
Beyond the vulnerability in the Android kernel, the monthly round of security patches plugs another 38 security loopholes
Google has released its monthly round of security patches for Android that plugs a bevy of vulnerabilities, including a zero-day flaw that is believed to be actively exploited in the wild by threat actors.
“There are indications that CVE-2021-1048 may be under limited, targeted exploitation,” Google said in its November security bulletin round-up. The zero-day vulnerability, classified as high in severity, is a use-after-free flaw residing in the kernel component and could lead to a local escalation of privilege.
The tech titan didn’t disclose any further information about the security loophole presumably to give as many users as possible a chance to patch their systems and so to lower chances of any further exploitation by cybercriminals.
Beyond the zero-day, the monthly round-up of security patches addresses another 38 vulnerabilities. Five of the security loopholes have been branded as critical in severity. CVE-2021-0930 and CVE-2021-0918 are remote code execution bugs that affect Android’s system component. The most severe of the vulnerabilities affecting the system component could potentially allow remote threat actors to execute arbitrary code within the context of a privileged process by employing a specially crafted transmission
Another two critical vulnerabilities were found to affect Qualcomm closed-source components, namely CVE-2021-1924 and CVE-2021-1975. The Sand Diego-based chip manufacturer provides the severity rating for the issues affecting its components.
“Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT” reads the company’s description of CVE-2021-1924 security bulletin. Meanwhile, CVE-2021-1975 is described as a “possible heap overflow due to improper length check of domain while parsing the DNS response.”
The fifth, and final, vulnerability rated as critical affected the Android TV Remote Service component. Indexed as CVE-2021-0889, the remote code execution flaw could allow a threat actor in close vicinity to covertly pair with television and run arbitrary code, without any privileges and without the need for any type of user interaction.
Users would do well to patch their devices as soon as applicable. Security patch levels of 2021-011-06 or later should address all the security vulnerabilities listed in this month’s Android Security Bulletin. If you’re not familiar with how to check your device’s security patch level you can refer to Google’s handy guide that will walk you through the process.