Security News > 2021 > November > Android Patches Actively Exploited Zero-Day Kernel Bug

Android Patches Actively Exploited Zero-Day Kernel Bug
2021-11-02 17:20

Among Google's November Android security updates is a patch for a zero-day weakness that "May be under limited, targeted exploitation," the company said.

In this case, it can be exploited for local escalation of privilege and, when paired with a remote code execution bug, an exploit could allow attackers to gain administrative control over a targeted system.

There's precedent for that: Earlier this year, Android devices were targeted in an espionage campaign that adapted the LodaRAT - known for targeting Windows devices - to also go after Android devices in a campaign that targeted Bangladesh.

The flaws could enable a remote attacker to execute arbitrary code within the context of a privileged process by sending a specially crafted transmission to targeted devices.

Another critical flaw can be found in Android TV remote service - which allows Android phones or tablets to be used as a remote for an Android TV. This one's another RCE, tracked as CVE-2021-0889.

Another 29 bugs are rated as high-severity, with patches addressing vulnerabilities in the Framework, Media Framework, System, kernel, Android TV, MediaTek and Qualcomm components.


News URL

https://threatpost.com/android-patches-exploited-kernel-bug/175931/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-0889 Unspecified vulnerability in Google Android
In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow.
network
low complexity
google
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Kernel 3 0 7 4 1 12