This week, Google released Android application protection updates for January 2021, fixing 42 bugs, including four classified critical severity.
Addressed as part of the 2021-01-01 security patch stage and monitored as CVE-2021-0316, a crucial security error in the system that could be abused remotely to achieve code execution is the most serious of these bugs.
A specially designed transmission will have to be used by an attacker trying to exploit the flaw. Within the framework of a privileged method, efficient manipulation may lead to code execution.
Three other vulnerabilities discussed in the device portion of Android this month feature a high severity ranking. That involve two problems of privilege elevation and one bug of knowledge disclosure.
Fifteen System flaws, including a serious denial of service (DoS) flaw, eight high-severity access bugs, four high-severity knowledge leakage problems, one high-severity DoS error, and one remote code execution vulnerability, are all patched at the 2021-01-01 security patch stage.
All three security bugs fixed this month in the Media System part of Android have a high severity rating: execution of one remote code and two problems with information disclosure.
A total of 19 vulnerabilities in Kernel (three high-severity flaws), MediaTek (one high-severity issue), and Qualcomm components are fixed in the second part of Android security updates for January 2021 (six high-severity bugs).
Patches for nine faults in Qualcomm closed-source components were also included in the release package for this month (two critical and seven high-severity vulnerabilities).
Many of these problems are fixed on smartphones running a security patch standard of 2021-01-05 or older, as are bugs patched with previous Android security patches.
Four other flaws are already resolved by a security patch standard of 2021-01-05 on Pixel devices: a high-severity privilege elevation in System and a mild one in Kernel components, along with a moderate error in Qualcomm components and another one in Qualcomm closed-source components.