Google released security updates to address 37 vulnerabilities as part of the Android security updates for March 2021, the most severe one is a critical flaw in the System component tracked as CVE-2021-0397.
Google addressed the flaw as part of the 2021-03-01 security patch level.
The CVE-2021-0397 vulnerability is a remote code execution issue and that affects Android 8.1, 9, 10, and 11 releases.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process,” reads the advisory published by Google.
The tech giant also fixed a total of 27 other security flaws as part of the 2021-03-05 security patch level, including one in Kernel components, four in Qualcomm components, and 22 in Qualcomm closed-source components.
5 out of 27 issues were rated as critical (CVE-2020-11192, CVE-2020-11204, CVE-2020-11218, CVE-2020-11227, CVE-2020-11228) and affect Qualcomm closed-source components.
Google’s March 2021 Android Security Bulletin also includes the fix for the CVE-2021-0390 flaw in Project Mainline components, which affects Wi-Fi.
Why does this bulletin have two security patch levels?
Partners are encouraged to bundle the fixes for all issues they are addressing in a single update.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Google)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.