Security News > 2021 > April > Google Patches Critical Code Execution Vulnerability in Android

The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component.

Tracked as CVE-2021-0430 and affecting Android 10 and 11, the code execution vulnerability is deemed critical severity.

"The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google explains in its advisory.

The 2021-04-01 security patch level also brings patches for 12 other high-severity vulnerabilities: nine in the Framework component, and three in the Media framework.

This week, Google also announced new security patches for Pixel devices, which include fixes for three vulnerabilities in Framework and Qualcomm components.

Devices running a security patch level of 2021-04-05 or later have fixes for all of the issues associated with this security patch level, as well as with previous patch levels.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/gsoHOGsJEC0/google-patches-critical-code-execution-vulnerability-android