November Patch for Android Resolves an Actively Exploited Kernel Problem

The Android November 2021 security updates have been released. They fix 18 vulnerabilities in the framework and system components, as well as 18 problems in the kernel and vendor components.

One of the updates addresses CVE-2021-1048, a local escalation of privilege caused by a use-after-free flaw that, according to Google, is being exploited in a restricted, targeted manner.

Because original equipment manufacturers (OEMs) are still working on merging the fix into their releases, few technical details about the problem have been provided, and most Android users remain susceptible.

Two significant System remote code execution (RCE) problems listed as CVE-2021-0918 and CVE-2021-0930 are the most severe concerns addressed by the November 2021 patch.

By delivering a specially crafted transmission to the target device, attackers can execute arbitrary code within the context of a privileged process.

CVE-2021-1924 and CVE-2021-1975, both affecting Qualcomm components, are two additional severe security problems fixed in this month’s patch.

The fifth significant fix is for an RCE identified as CVE-2021-0889 in Android TV’s “remote service” component. An attacker close to the device might leverage this weakness to execute code without requiring user interaction or privileges.

As a reminder, Google publishes at least two Android patch levels each month, and the dates for November are 2021-11-01, 2021-11-05, and 2021-11-06.

Those who notice an update alert with the date 2021-11-01 will receive the following:

  • November framework patches
  • October vendor and kernel
  • October framework patches

All the above, as well as the November vendor and kernel updates, will be sent to those who see patch levels 2021-11-05 or 2021-11-06.

This is the first security patch for Android 12. Depending on each vulnerability’s scope, many of the fixes also apply back to versions 11, 10, and 9.

If you’re on an earlier version of Android, you won’t be protected by this patch, and your device will be subject to yet another actively exploited issue.

Finally, this is the first patch version that does not include the Pixel 3, signaling the end of support for one of Google’s most popular smartphones.

About the author

CIM Team
