Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:37E4ECDE5CC5E074EC9FD4DF79D85121
HistoryNov 03, 2021 - 5:20 a.m.

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks

2021-11-0305:20:00
The Hacker News
thehackernews.com
118
google
android
security patches
zero-day vulnerability
cve-2021-1048
kernel
use-after-free
rce
cve-2021-0918
cve-2021-0930
qualcomm
cve-2021-1924
cve-2021-1975
android tv
cve-2021-0889
cve-2020-11261
cve-2021-1905
cve-2021-1906
cve-2021-28663
cve-2021-28664
exploits

EPSS

0.016

Percentile

87.6%

JSON

Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks.

Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation. Use-after-free issues are dangerous as it could enable a threat actor to access or referencing memory after it has been freed, leading to a β€œwrite-what-where” condition that results in the execution of arbitrary code to gain control over a victim’s system.

β€œThere are indications that CVE-2021-1048 may be under limited, targeted exploitation,” the company noted in its November advisory without revealing technical details of the vulnerability, the nature of the intrusions, and the identities of the attackers that may have abused the flaw.

Also remediated in the security patch are two critical remote code execution (RCE) vulnerabilities β€” CVE-2021-0918 and CVE-2021-0930 β€” in the System component that could allow remote adversaries to execute malicious code within the context of a privileged process by sending a specially-crafted transmission to targeted devices.

Two more critical flaws, CVE-2021-1924 and CVE-2021-1975, affect Qualcomm closed-source components, while a fifth critical vulnerability in Android TV (CVE-2021-0889) could permit an attacker in close proximity to silently pair with a TV and execute arbitrary code with no privileges or user interaction required.

With the latest round of updates, Google has addressed a total of six zero-days in Android since the start of the year β€”

  • CVE-2020-11261 (CVSS score: 8.4) - Improper input validation in Qualcomm Graphics component
  • CVE-2021-1905 (CVSS score: 8.4) - Use-after-free in Qualcomm Graphics component
  • CVE-2021-1906 (CVSS score: 6.2) - Detection of error condition without action in Qualcomm Graphics component
  • CVE-2021-28663 (CVSS score: 8.8) - Mali GPU Kernel Driver allows improper operations on GPU memory
  • CVE-2021-28664 (CVSS score: 8.8) - Mali GPU Kernel Driver elevates CPU RO pages to writable

Found this article interesting? Follow THN on Facebook, Twitter ο‚™ and LinkedIn to read more exclusive content we post.

Related

threatpost 3
thn 3
malwarebytes 3
cve 11
vulnrichment 1
cisa_kev 6
prion 11
nvd 11
githubexploit 1
cvelist 11
nessus 8
attackerkb 6
cnvd 4
osv 4
redhatcve 1
ubuntucve 1
debiancve 1
oraclelinux 2
cisa 1
talosblog 1
googleprojectzero 1
openvas 3
github 1
qualysblog 1
ics 1
threatpost
threatpost
Android Patches Actively Exploited Zero-Day Kernel Bug
2021-11-02 17:20:42
4 Android Bugs Being Exploited in the Wild
2021-05-20 16:50:16
Google Warns of Critical Android Remote Code Execution Bug
2021-01-05 20:21:40
thn
thn
Android Issues Patches for 4 New Zero-Day Bugs Exploited in the Wild
2021-05-20 05:13:00
WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack
2021-03-23 05:33:00
Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits
2022-05-20 10:58:00
malwarebytes
malwarebytes
Android patches for 4 in-the-wild bugs are out, but when will you get them?
2021-05-20 17:13:53
Google patches zero-day vulnerability, and others, in Android
2021-11-02 16:48:46
Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware
2022-05-24 09:55:59
cve
cve
CVE-2021-28664
2021-05-10 15:15:07
CVE-2021-28663
2021-05-10 15:15:07
CVE-2020-11261
2021-06-09 05:15:07
vulnrichment
vulnrichment
CVE-2021-28663
2021-05-10 00:00:00
cisa_kev
cisa_kev
Qualcomm Multiple Chipsets Improper Input Validation Vulnerability
2021-12-01 00:00:00
Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability
2021-11-03 00:00:00
Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability
2021-11-03 00:00:00
prion
prion
Privilege escalation
2021-05-10 15:15:00
Memory corruption
2021-05-10 15:15:00
Memory corruption
2021-06-09 05:15:00
nvd
nvd
CVE-2021-28663
2021-05-10 15:15:07
CVE-2021-28664
2021-05-10 15:15:07
CVE-2020-11261
2021-06-09 05:15:07
githubexploit
githubexploit
Exploit for Use After Free in Arm Bifrost Gpu Kernel Driver
2021-09-01 22:59:29
cvelist
cvelist
CVE-2021-28663
2021-05-10 00:00:00
CVE-2021-28664
2021-05-10 00:00:00
CVE-2020-11261
2021-06-09 05:00:49
nessus
nessus
ARM Mali GPU Kernel Driver < r29p0 / < r31p0 Use After Free (CVE-2021-28663)
2023-07-11 00:00:00
ARM Mali GPU Kernel Driver < r30p0 / < r31p0 Improper Memory Access (CVE-2021-28664)
2023-07-11 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9014)
2022-01-10 00:00:00
attackerkb
attackerkb
CVE-2021-28664
2021-05-10 00:00:00
CVE-2021-28663
2021-05-10 00:00:00
CVE-2020-11261
2021-06-09 00:00:00
cnvd
cnvd
Google Android System Remote Code Execution Vulnerability (CNVD-2021-101436)
2021-11-02 00:00:00
Google Android System Remote Code Execution Vulnerability (CNVD-2021-101435)
2021-11-02 00:00:00
Google Android Android TV Remote Service component remote code execution vulnerability
2021-11-02 00:00:00
osv
osv
[Crafted gatt request causes the crash of bluetooth stack]
2021-11-01 00:00:00
OOBW in phNxpNciHal_process_ext_rsp, #2
2021-11-01 00:00:00
Unauthorized pairing and hijacking of Android TV device
2021-11-01 00:00:00
redhatcve
redhatcve
CVE-2021-1048
2021-12-13 18:20:35
ubuntucve
ubuntucve
CVE-2021-1048
2021-12-15 00:00:00
debiancve
debiancve
CVE-2021-1048
2021-12-15 19:15:14
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2022-01-10 00:00:00
Unbreakable Enterprise kernel security update
2022-02-01 00:00:00
cisa
cisa
CISA Adds Five Known Exploited Vulnerabilities to Catalog
2021-12-01 00:00:00
talosblog
talosblog
Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware
2023-05-25 12:02:19
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1271)
2022-03-02 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2818)
2021-12-30 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2508)
2022-10-10 00:00:00
github
github
Pwning the all Google phone with a non-Google bug
2023-01-23 15:05:19
qualysblog
qualysblog
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
ics
ics
Siemens SIMATIC
2024-03-14 12:00:00

EPSS

0.016

Percentile

87.6%

JSON
Related for THN:37E4ECDE5CC5E074EC9FD4DF79D85121
threatpost3thn3malwarebytes3cve11vulnrichment1cisa_kev6prion11nvd11githubexploit1cvelist11nessus8attackerkb6cnvd4osv4redhatcve1ubuntucve1debiancve1oraclelinux2cisa1talosblog1googleprojectzero1openvas3github1qualysblog1ics1