Google’s May 2021 Android operating system update resolved a total of 42 vulnerabilities, 4 of which were marked as critical severity. The new security patch 2021-05-01 fixes three major critical flaws that were found in system components. These three security vulnerabilities are confirmed to be exploitable, and arbitrary code can be run on vulnerable devices.
As Google explained, “The most serious of these problems is a critical security vulnerability in system components, which may allow remote attackers to use specially crafted files to execute arbitrary code in the context of privileged processes.”
In addition, they also stated that if platform and service mitigation measures are disabled for development purposes, which will cause attackers to successfully bypass the vulnerability, the severity of the vulnerability is more likely to have a higher level of impact.
Google’s smartphone operating system has its own security system, known as the Android security platform, services and protection measures depend on Google game protection. These features make the security vulnerabilities of the Android system unlikely to be successfully exploited.
Join Our RealMi Central Channel On Telegram
2021-05-01 Vulnerability Description:
In the framework part, the most serious vulnerabilities require malicious local applications to bypass the user’s interaction requirements, so additional permissions can be obtained. This vulnerability is divided into different tracking names, which are related to the corresponding Android version. CVE-2021-0472 affects Android 9, 10, and 11; CVE-2021-0485 only affects Android 11, and CVE-2021-0487 only affects Android 11.
In addition to these key flaws, the Android operating system has also patched five other high-risk vulnerabilities. Three of them are related to privilege escalation, while the other two are related to information leakage. This month’s second Android security update, the 2021-05-05 security patch level patch, fixes 29 vulnerabilities in operating system components, including the kernel, framework, AMLogic, ARM, MediaTek, Unigroup Zhanrui, Qualcomm and Qualcomm Closed source.
The most serious of these security vulnerabilities are CVE-2021-0467, which is a critical vulnerability found in AMLogic BootROM, allowing attackers to execute arbitrary code even before signing data. There are also 28 vulnerabilities related to the 2021-05-05 security patch level, but only one of them is marked as medium severity, and the other 27 issues discovered are marked as high severity.
If you like our news and you want to see such news even further, then follow RealMi Central on Telegram (RealMi Central, Xiaomi, Apple, Realme, RMC Gaming, Samsung, Microsoft, OnePlus, Huawei/Honor, Android 12), Twitter, Facebook (Page) (Group) & Instagram.