Google opublikowało majowy biuletyn bezpieczeństwa systemu Android, w którym zamieszczono poprawki do 42 podatności tego systemu, w tym 4 są krytyczne.

CERT PSE zachęca do zapoznania się z majowym biuletynem bezpieczeństwa Google Android i stosowanie aktualizacji dostarczanych przez poszczególnych producentów urządzeń.

CVE

Severity

Updated AOSP versions

Framework

CVE-2021-0472

High

9, 10, 11

CVE-2021-0485

High

11

CVE-2019-2219

High

11

CVE-2021-0487

High

11

Media Framework

CVE-2021-0482

High

11

CVE-2021-0484

High

8.1, 9, 10, 11

System

CVE-2021-0473

Critical

8.1, 9, 10, 11

CVE-2021-0474

Critical

8.1, 9, 10, 11

CVE-2021-0475

Critical

10, 11

CVE-2021-0476

High

9, 10, 11

CVE-2021-0477

High

8.1, 9, 10, 11

CVE-2021-0481

High

8.1, 9, 10, 11

CVE-2021-0466

High

10

CVE-2021-0480

High

8.1, 9, 10, 11



CVE

Severity

Component

Kernel components

CVE-2020-29661

High

TTY

AMLogic

CVE-2021-0467

Critical

bootROM

ARM components

CVE-2021-28663

High

Mali

CVE-2021-28664

High

Mali

MediaTek components

CVE-2021-0489

High

memory management driver

CVE-2021-0490

High

memory management driver

CVE-2021-0491

High

memory management driver

CVE-2021-0492

High

memory management driver

CVE-2021-0493

High

memory management driver

CVE-2021-0494

High

memory management driver

CVE-2021-0495

High

memory management driver

CVE-2021-0496

High

memory management driver

CVE-2021-0497

High

memory management driver

CVE-2021-0498

High

memory management driver

Unisoc components

CVE-2021-0324

High

Framework

Qualcomm components

CVE-2021-1891

High

Audio

CVE-2021-1905

High

Display

CVE-2021-1927

High

Kernel

CVE-2021-1906

Moderate

Display

Qualcomm closed-source components

CVE-2020-11273

High

Closed-source component

CVE-2020-11274

High

Closed-source component

CVE-2020-11279

High

Closed-source component

CVE-2020-11284

High

Closed-source component

CVE-2020-11285

High

Closed-source component

CVE-2020-11288

High

Closed-source component

CVE-2020-11289

High

Closed-source component

CVE-2021-1910

High

Closed-source component

CVE-2021-1915

High

Closed-source component