Security News > 2021 > January > Google Releases January 2021 Security Updates for Android

Google Releases January 2021 Security Updates for Android
2021-01-05 14:59

Google this week announced the January 2021 security updates for Android devices, which address 42 vulnerabilities, including four rated critical severity.

Addressed as part of the 2021-01-01 security patch level and tracked as CVE-2021-0316, the most important of these flaws is a critical security bug in System that could be exploited to achieve code execution remotely.

The 2021-01-01 security patch level also fixes fifteen vulnerabilities in Framework, including a critical denial of service flaw, eight high-severity elevation of privilege bugs, four high-severity information disclosure issues, one high-severity DoS flaw, and one medium-severity remote code execution vulnerability.

The second part of the Android security updates for January 2021 addresses a total of 19 vulnerabilities in Kernel, MediaTek, and Qualcomm components.

All of these issues, as well as vulnerabilities patched with previous Android security updates, are resolved on devices running a security patch level of 2021-01-05 or later.

On Pixel devices, a security patch level of 2021-01-05 also addresses four other vulnerabilities: a high-severity elevation of privilege in Framework and a moderate one in Kernel components, along with a moderate flaw in Qualcomm components and another in Qualcomm closed-source components.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/o_GP7tipbNk/google-releases-january-2021-security-updates-android

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-01-11 CVE-2021-0316 Out-of-bounds Write vulnerability in Google Android
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
critical
10.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411
Android 4 0 17 2 0 19