The security updates in the Android Security Bulletin for May 2021 address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild.
| CVE | Description |
|---|---|
| CVE-2021-1905 | Use After Free in Graphics. Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. |
| CVE-2021-1906 | Improper handling of address deregistration on failure can lead to new GPU address allocation failure. |
| CVE-2021-28663 | A non-privileged user can make improper operations on GPU memory to enter into a use-after-free scenario and may be able to gain root privilege, and/or disclose information. |
| CVE-2021-28664 | A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes. |
“The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications,” reads the Android Security Bulletin. “There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation.”
Android addresses three critical issues, tracked as CVE-2021-0473, CVE-2021-0474 and CVE-2021-0475, impacting the System component, and one critical flaw, tracked as CVE-2021-0467, in AMLogic components.
The critical issues in the System component could be exploited by remote attackers using a specially crafted file to execute arbitrary code within the context of a privileged process.
Android users should install the updates as soon as possible.
(SecurityAffairs – hacking, Android)