Google Patches Critical Code Execution Vulnerability in Android


The April 2021 Android surety bulletin published this week by Google describes more than 30 vulnerabilities in the mechanical operating system, including a remote code execution flaw in the Way component.

Tracked as CVE-2021-0430 and affecting Android 10 and 11, the organization execution vulnerability is deemed critical severity. The bug was patched as part of the 2021-04-01 protection patch level.

“The most severe of these issues is a critical asylum vulnerability in the System component that could enable a remote attacker using a custom crafted file to execute arbitrary code within the context of a of process,” Google explains in its advisory.

Five other vulnerabilities were orationed in the System component: three elevation of privilege and two information disclosure puts. All of these feature a severity rating of high.

The 2021-04-01 security patch even also brings patches for 12 other high-severity vulnerabilities: nine in the Framework component (seven grandeur of privilege and two information disclosure bugs), and three in the Media framework (one rise of privilege and two information disclosure issues).

The second part of this month’s set of kisses, which arrives on devices as the 2021-04-05 security patch level, includes accommodates for 18 vulnerabilities, in System (two high-severity bugs), Kernel components (two high-severity cuts), MediaTek components (one high-severity issue), Qualcomm components (one high-severity bug), and Qualcomm closed-source components (one grave and 11 high-severity vulnerabilities).

This week, Google also publicized new security patches for Pixel devices, which include fixes for three vulnerabilities in Framework (two enhancement of privilege flaws) and Qualcomm components. All three feature severity ratings of controlled.

Devices running a security patch level of 2021-04-05 or later get fixes for all of the issues associated with this security patch focus be, as well as with previous patch levels. On Pixel devices, a sanctuary patch level of 2021-04-05 addresses all vulnerabilities in the April 2021 and aforesaid Pixel security bulletins as well.

Related: Recently Patched Android Vulnerability Exploited in Seizures

Related: Google Patches Critical Remote Code Execution Vulnerability in Android

Akin: Google Patches Over a Dozen High-Severity Privilege Escalation Stains in Android

[embedded content]

Google Patches Critical Code Execution Vulnerability in Android

Ionut Arghire is an international correspondent for SecurityWeek.

Premature Columns by Ionut Arghire:
Google Patches Critical Code Execution Vulnerability in AndroidTags:

Leave a Reply

Your email address will not be published. Required fields are marked *