In its latest report, the Google Project Zero team states that a total of four Android zero-day vulnerabilities were being exploited in the wild before they were addressed in this month's Android patch.
Reportedly, exploitation of these Android zero-day vulnerabilities impacted a limited number of users, according to this month's Android security patch data.
Accordingly, the May 2021 Android security report was updated to state: “There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation.”
The tracking IDs and causes of the four Android zero-day vulnerabilities are listed below:
- CVE-2021-1905 – A use-after-free flaw in Qualcomm’s graphics component due to improper handling of memory mapping of multiple processes simultaneously. The vulnerability has a CVSS score of 8.4.
- CVE-2021-1906 – A flaw concerning inadequate handling of address deregistration that could lead to new GPU address allocation failure. The vulnerability has a CVSS score of 6.2.
- CVE-2021-28663 – A vulnerability in the Arm Mali GPU kernel that could permit a non-privileged user to perform improper operations on GPU memory, leading to a use-after-free scenario that could be exploited to gain root privilege or disclose information.
- CVE-2021-28664 – An unprivileged user can achieve read/write access to read-only memory, enabling privilege escalation or a denial-of-service (DoS) condition due to memory corruption.
Zero-day critical bugs:
As mentioned above, the four Android zero-day bugs affect two separate components: the Qualcomm GPU and the Arm Mali GPU driver.
Qualcomm subsequently issued security reports covering the two vulnerabilities that impacted the GPUs.
Security experts have stated that successful exploitation of these critical Android zero-day bugs could allow malicious entities to gain full access to and control over impacted devices and systems.
Details regarding the actual attack techniques used against these vulnerabilities have not been disclosed.
Android users are advised to install this month’s security updates as soon as possible if they are impacted by these issues.