Connect with us

Hi, what are you looking for?


Malware & Threats

Google: Four Recently Patched Android Vulnerabilities Exploited in Attacks

Google has updated its May 2021 Android security bulletin to alert users that four vulnerabilities appear to have been exploited in attacks.

Google has updated its May 2021 Android security bulletin to alert users that four vulnerabilities appear to have been exploited in attacks.

Rolling out to users since early May, the latest Android security update patches over 40 flaws, including four with a severity rating of critical.

This week, Google Project Zero researcher Maddie Stone pointed out on Twitter that the security bulletin has been updated with a note on some bugs being exploited in the wild.

A total of four security issues, rated high and medium severity, “may be under limited, targeted exploitation,” Google notes in the updated bulletin.

Two of the flaws impact Qualcomm components and are tracked as CVE-2021-1905 (high severity) and CVE-2021-1906 (medium risk). Both were identified in the graphics component and patches were rolled out by the vendor in May 2021.

A use-after-free issue, CVE-2021-1905 was reported to Qualcomm in November 2020, and exists because of “improper handling of memory mapping of multiple processes simultaneously.”

CVE-2021-1906 was described as an “improper handling of address deregistration on failure,” which could lead to new GPU address allocation failure. The bug was reported to the vendor in December 2020.

Advertisement. Scroll to continue reading.

Both of the remaining exploited flaws affect ARM components (the Mali GPU kernel driver) and were disclosed by ARM in March 2021. Tracked as CVE-2021-28663 and CVE-2021-28664, the bugs could lead to improper operations on GPU memory and elevation of CPU RO pages to writable, respectively.

A non-privileged user able to exploit these flaws could gain root permissions, access information, corrupt memory, or modify the memory of other processes.

Users are advised to apply the latest Android patches as soon as possible, to ensure they are protected from any exploitation attempts.

Related: Android Updates for May 2021 Patch Over 40 Vulnerabilities

Related: Google Patches Critical Code Execution Vulnerability in Android

Related: Google Patches Critical Remote Code Execution Vulnerability in Android

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.