The Android operating system updates released by Google for May 2021 patch a total of 42 vulnerabilities, including four considered critical severity.
Addressed as part of the 2021-05-01 security patch level, three of the critical flaws were identified in the System component and all three could be exploited remotely to execute arbitrary code on a vulnerable device.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” Google explains.
Tracked as CVE-2021-0473 and CVE-2021-0474, two of these bugs affect Android 8.1, 9, 10, and 11 releases, while the third, CVE-2021-0475, impacts Android 10 and 11 only.
In addition to these critical bugs, five other vulnerabilities were addressed in Android System, all rated high severity. Three of these could lead to elevation of ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE