Security News > 2021 > April > Google Patches Critical Code Execution Vulnerability in Android
The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component.
Tracked as CVE-2021-0430 and affecting Android 10 and 11, the code execution vulnerability is deemed critical severity.
"The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google explains in its advisory.
The 2021-04-01 security patch level also brings patches for 12 other high-severity vulnerabilities: nine in the Framework component, and three in the Media framework.
This week, Google also announced new security patches for Pixel devices, which include fixes for three vulnerabilities in Framework and Qualcomm components.
Devices running a security patch level of 2021-04-05 or later have fixes for all of the issues associated with this security patch level, as well as with previous patch levels.
News URL
Related news
- Google Patches New Android Kernel Vulnerability Exploited in the Wild (source)
- Apache fixes critical OFBiz remote code execution vulnerability (source)
- Google fixes Android kernel zero-day exploited in targeted attacks (source)
- Google splats device-hijacking exploited-in-the-wild Android kernel bug among others (source)
- Google: Gemini AI for Android processes sensitive data locally (source)
- Google says it's focusing on privacy with Gemini AI on Android (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data (source)
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-13 | CVE-2021-0430 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. | 10.0 |