Monthly security patches have been released by Google for Android, fixing 39 flaws inclusive of a zero-day vulnerability which is actively being exploited in the wild in limited targeted attacks.
The zero-day bug tracked as CVE-2021-1048 is described as a use-after-free vulnerability in the kernel which could be exploited for local privilege escalation. Use-after-free could enable a threat actor to access or referencing memory after it has been freed, leading to a “write-what-where” condition resulting in the execution of arbitrary code enabling a total takeover and control of a victims system
See: How To Hack an Android Device
Google noted in its November advisory that there could be possibility that CVE-2021-1048 maybe under limited, targeted exploitation. However technical details of the vulnerability and nature of intrusion and identities of the attackers that may have abused the flaw was not revealed.
Inclusive in the patch are two remote code execution (RCE) vulnerabilities — CVE-2021-0918 and CVE-2021-0930 — which could allow remote adversaries to execute malicious code within the context of a privileged process by sending a specially-crafted transmission to targeted devices.
Another major flaw is CVE-2021-1924 and CVE-2021-1975 affecting Qualcomm closed-source components, as wellas a vulnerability in Android TV (CVE-2021-0889) which could give hackers in close proximity the permission to silently pair with a TV and execute arbitrary code with no privileges or user interaction required.
With the latest round of updates, Google has addressed a total of six zero-days in Android since the start of the year —
CVE-2020-11261 (CVSS score: 8.4) – Improper input validation in Qualcomm Graphics component
CVE-2021-1905 (CVSS score: 8.4) – Use-after-free in Qualcomm Graphics component
CVE-2021-1906 (CVSS score: 6.2) – Detection of error condition without action in Qualcomm Graphics component
CVE-2021-28663 (CVSS score: 8.8) – Mali GPU Kernel Driver allows improper operations on GPU memory
CVE-2021-28664 (CVSS score: 8.8) – Mali GPU Kernel Driver elevates CPU RO pages to writable