Android Patches Actively Exploited Zero-Day Kernel Bug
Among Google's November Android security updates is a patch for a zero-day weakness that "may be under limited, targeted exploitation," the company said.
In this case, it can be exploited for local escalation of privilege and, when paired with a remote code execution bug, an exploit could allow attackers to gain administrative control over a targeted system.
There's precedent for that: Earlier this year, an espionage campaign that targeted Bangladesh adapted LodaRAT, known for targeting Windows devices, to also go after Android devices.
The flaws could enable a remote attacker to execute arbitrary code within the context of a privileged process by sending a specially crafted transmission to targeted devices.
Another critical flaw can be found in the Android TV remote service, which allows Android phones or tablets to be used as a remote for an Android TV. This one's another RCE, tracked as CVE-2021-0889.
Another 29 bugs are rated as high-severity, with patches addressing vulnerabilities in the Framework, Media Framework, System, kernel, Android TV, MediaTek and Qualcomm components.
News URL
https://threatpost.com/android-patches-exploited-kernel-bug/175931/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-15 | CVE-2021-0889 | Unspecified vulnerability in Google Android. In Android TV, there is a possible silent pairing due to lack of rate limiting in the pairing flow. | 9.8 |