In keeping with information supplied by Google’s Undertaking Zero workforce, 4 Android safety vulnerabilities have been exploited within the wild as zero-day bugs earlier than being patched earlier this month.
Assaults trying to use these flaws have been focused and impacted a restricted variety of customers based mostly on data shared after this month’s Android safety updates have been printed.
“There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 could also be below restricted, focused exploitation,” a not too long ago up to date model of the Could 2021 Android Safety Bulletin reveals.
For 2021, we have surpassed the variety of 0-days detected in-the-wild in all of 2020. That is nice!https://t.co/o4F74b68Fh
— Maddie Stone (@maddiestone) May 19, 2021
The 4 Android vulnerabilities impression Qualcomm GPU and Arm Mali GPU Driver elements.
Android customers are beneficial to put in this month’s safety updates as quickly as doable if they’re impacted by these points.
|CVE-2021-1905||Qualcomm – Use After Free in Graphics. Attainable use after free attributable to improper dealing with of reminiscence mapping of a number of processes concurrently.|
|CVE-2021-1906||Qualcomm – Detection of Error Situation With out Motion in Graphics. Improper dealing with of deal with deregistration on failure can result in new GPU deal with allocation failure.|
|CVE-2021-28663||ARM – Mali GPU Kernel Driver permits improper operations on GPU reminiscence. A non-privileged person could make improper operations on GPU reminiscence to enter right into a use-after-free state of affairs and could possibly acquire root privilege, and/or disclose data.|
|CVE-2021-28664||ARM – Mali GPU Kernel Driver elevates CPU RO pages to writable. A non-privileged person can get a write entry to read-only reminiscence, and could possibly acquire root privilege, corrupt reminiscence and modify the reminiscence of different processes.|
This month’s Android safety updates additionally embrace patches for critical vulnerabilities in the System component that might be exploited by distant attackers utilizing specifically crafted information to execute arbitrary malicious code inside the context of a privileged course of.
Regrettably, customers who have not switched to new units that also obtain month-to-month safety updates may not be capable to set up these patches.
To place issues into perspective, greater than 9% of all Android units are nonetheless operating Android 8.1 Oreo (launched in December 2017), and roughly 19% Android Pie 9.0 (launched in August 2018), in accordance with StatCounter data.
In December, Qualcomm additionally addressed a high severity security vulnerability in Cell Station Modem (MSM) chips (together with the most recent 5G-capable variations) that may permit attackers to entry smartphone customers’ textual content messages, name historical past, and eavesdrop on their conversations.
Final 12 months, Qualcomm fixed more vulnerabilities impacting the Snapdragon chip Digital Sign Processor (DSP) chip and enabling attackers to take management of smartphones with out person interplay and create unremovable malware that may evade detection.
Different bugs that would permit decrypting some WPA2-encrypted wireless network packets, accessing critical data, and two flaws within the Snapdragon SoC WLAN firmware permitting over the air compromise of the modem and the Android kernel have been additionally patched over the last two years.