CVE-2021-1048 is a new zero-day vulnerability in Android that was fixed together with 38 other flaws in November 2021’s patch rollout. Apparently, the zero-day is being exploited in the wild.
CVE-2021-1048 Kernel Zero-Day
CVE-2021-1048 is a use-after-free issue in the kernel that allows for local privilege escalation. This type of vulnerabilities allows threat actors to reference memory after it has been freed to cause a program to crash, use unexpected values, or execute code.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process,” Google wrote. The company added that there are indication showing that CVE-2021-1048 “may be under limited, targeted exploitation.” No additional information is available, as to who is behind these attacks, the nature of the attacks, etc.
Two other critical vulnerabilities should also be mentioned, as they could allow remote code execution: CVE-2021-0918 and CVE-2021-0930, located in the System component. The flaws could enable remote attacks to execute malicious code within the context of a privileged process by sending a specially-crafted transmission to targeted devices.
CVE-2021-1924 and CVE-2021-1975 are also critical, affecting Qualcomm closed-source components. CVE-2021-0889 is with critical status, too, affecting Android TV, and enabling close-by threat actors to pair with a TV to execute arbitrary code. The vulnerability can be exploited without privileges or user interaction.
More information about this month’s Android vulnerabilities is available in the original security bulletin.
Earlier this year, in May, four security vulnerabilities in Qualcomm Graphics and Arm Mali GPU Driver that affected Android and were exploited in the wild were patched. A successful attempt would give attackers access to targeted vulnerable devices, allowing them to take control. Google revealed no information as to how the attacks happened, and if the victims were targeted. It is also known what threat group was behind the attacks.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: