
May Android security updates patch 4 zero-days exploited in the wild
2021-05-19 16:53

According to information provided by Google's Project Zero team, four Android security vulnerabilities were exploited in the wild as zero-day bugs before being patched earlier this month.

Attacks attempting to exploit these flaws were targeted and impacted a limited number of users, based on information shared after this month's Android security updates were published.

"There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation," a recently updated version of the May 2021 Android Security Bulletin reveals.

Qualcomm and Arm have published further details on each vulnerability via security advisories issued separately [1, 2]. Android users are advised to install this month's security updates as soon as possible if they are affected by these issues.

This month's Android security updates also include patches for critical vulnerabilities in the System component that could be exploited by remote attackers using specially crafted files to execute arbitrary malicious code within the context of a privileged process.

To put things into perspective, more than 9% of all Android devices are still running Android 8.1 Oreo, and roughly 19% Android Pie 9.0, according to StatCounter data.


News URL

https://www.bleepingcomputer.com/news/security/may-android-security-updates-patch-4-zero-days-exploited-in-the-wild/

Related Vulnerability

DATE | CVE | VULNERABILITY TITLE | RISK

2021-05-10 | CVE-2021-28664 | Out-of-bounds Write vulnerability in ARM products | 8.8
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages.
network, low complexity, arm, CWE-787

2021-05-10 | CVE-2021-28663 | Use After Free vulnerability in ARM products | 8.8
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free.
network, low complexity, arm, CWE-416

2021-05-07 | CVE-2021-1906 | Improper Handling of Exceptional Conditions vulnerability in Qualcomm products | 5.5
Improper handling of address deregistration on failure can lead to new GPU address allocation failure.
local, low complexity, qualcomm, CWE-755

2021-05-07 | CVE-2021-1905 | Use After Free vulnerability in Qualcomm products | 7.8
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.
local, low complexity, qualcomm, CWE-416