Colin Mc Hugo

Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Android Issues Patches for 4 New Zero-Day Bugs Exploited in the Wild

May 20, 2021

Google on Wednesday updated its May 2021 Android Security Bulletin to reveal that four of the security vulnerabilities that were patched earlier this month by Arm and Qualcomm may have been exploited in the wild as zero-days.

“There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation,” the search giant said in an updated alert.

The four flaws affect Qualcomm Graphics and Arm Mali GPU Driver modules:

  • CVE-2021-1905 (CVSS score: 8.4) – A use-after-free flaw in Qualcomm’s graphics component due to improper handling of memory mapping of multiple processes simultaneously.
  • CVE-2021-1906 (CVSS score: 6.2) – A flaw concerning inadequate handling of address deregistration that could lead to new GPU address allocation failure.
  • CVE-2021-28663 (CVSS score: NA) – A vulnerability in the Arm Mali GPU kernel driver that could permit a non-privileged user to make improper operations on GPU memory, leading to a use-after-free scenario that could be exploited to gain root privilege or disclose information.
  • CVE-2021-28664 (CVSS score: NA) – An unprivileged user can achieve read/write access to read-only memory, enabling privilege escalation or a denial-of-service (DoS) condition due to memory corruption.

Successful exploitation of the weaknesses could grant an adversary carte blanche access to the targeted device and allow them to take over control. It is, however, not clear how the attacks themselves were carried out, which victims may have been targeted, or which threat actors may be abusing them.

The development marks one of the rare instances where zero-day bugs in Android have been spotted in real-world cyber offensives.

Earlier this March, Google revealed that a vulnerability affecting Android devices that use Qualcomm chipsets (CVE-2020-11261) was being weaponized by adversaries to launch targeted attacks. The other flaw is CVE-2019-2215, a vulnerability in Binder (Android’s inter-process communication mechanism) that is said to have been allegedly exploited by the NSO Group as well as the SideWinder threat actor to compromise a victim’s device and collect user information.
