These four Android flaws warn Google that they are currently under attack
Three weeks after Google released the May 2021 Android security update, the Google Project Zero team revealed that four patched vulnerabilities had already been attacked.
“There are signs that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663, and CVE-2021-28664 may be under limited targeted exploitation,” Google said in 2021. It is stated in the memo of the preliminary report in May of the year. Published on May 1st..
to see: Network security policy (TechRepublic Premium)
Google Project Zero security researcher Maddie Stone reported in a tweet that these were zero-day or previously unknown flaws.
The four flaws affect Qualcomm’s GPUs (CVE-2021-1905, CVE-2021-1906) and Arm Mali GPUs (CVE-2021-28663, CVE-2021-28664).
So Project Zero’s “0 day’in the wild’” spreadsheetA bug in Arm allows an attacker to write to the read-only memory of the Mail GPU, resulting in a flaw in the memory used after the GPU is freed. Qualcomm bugs include improper error handling and post-free use flaws in the GPU.
A flaw from security reporter Dan Gooddin, Google said, said the bug was “potentially under limited and targeted exploitation” because it was “meaninglessly ambiguous.” Removed.
Shane Huntley of Google’s Threat Analysis Group (TAG) announced in November Three zero-day flaws revealed in Apple’s iOSDefending Google’s wording, he emphasized that Google does not always have the information to say whether a vulnerability is being attacked. TAG also discovered and disclosed a zero-day flaw in Apple’s WebKit browser that prompted Apple to publish it. March Emergency iOS 14.4.2 Update.. Apple has updated older iOS devices to version 12.5.2 to address these issues.
“I understand the complaint that people don’t always get the IOC and details they need, but maybe we can shed some more light here.” He wrote, See Traces of Intrusion (IOC).
“First, not all” In The Wild “reports have an accurate grasp of the target set. “In The Wild” may mean that the exploit was found in the black market or hacker forums, or reported from a source that you want to remain. Anonymous. In such cases, IOC or targeting is not available or unknown.
“We strongly believe that there is a difference between exploits that we discover or report through coordinated disclosures and exploits that we know are in the hands of attackers. Flagging is useful for prioritization.
“We strive to provide as much information as possible about what we have observed, but that is a trade-off and we may not know the details or reveal all the information that some people want. .it can.”
Qualcomm Say in that recommendation CVE-2021-1905 was reported on November 17, 2020 and has been rated as a serious defect. CVE-2021-1906 is a medium-severity defect reported on December 7, 2020.
According to the chipmaker, this flaw affects a huge number of Qualcomm chipsets, but it requires exploiting local access.
Samsung yesterday began rolling out the May 2021 Android security patch to its flagship Galaxy S21 phone. As Sammobile reports.. However, Samsung’s very popular A-series smartphones have not yet received this update.
Source link These four Android flaws warn Google that they are currently under attack