Description:
Google has released Android Security Bulletin October 2021 to fix multiple security vulnerabilities in Android operating system. The list of security updates can be found at:
https://source.android.com/security/bulletin/2021-10-01
Affected Systems:
- Android version 8.1, 9, 10 and 11
Impact:
Depending on the vulnerability exploited, a successful attack could lead to denial of service, elevation of privilege, information disclosure and remote code execution on an affected device.
Recommendation:
Some manufacturers have fixed or have planned to fix the vulnerabilities in their Android systems. Users are recommended to consult the product vendors to confirm the availability of patches. If patches are available, users should upgrade to the fixed versions or follow the recommendations provided by the product vendors to mitigate the risk.
More Information:
- https://source.android.com/security/bulletin/2021-10-01
- https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20211005
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10768
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11264
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11301
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11303
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24587
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24588
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26139 (to CVE-2020-26141)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26145 (to CVE-2020-26147)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29660
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0483
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0643
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0651
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0652
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0702
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0703
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0705 (to CVE-2021-0708)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0870
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1913
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1917
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1932
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1936
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1949
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1959
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1977
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1980
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1983 (to CVE-2021-1985)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27666
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29647
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30256 (to CVE-2021-30258)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30288
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30291
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30292
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30297
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30302
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30305
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30306
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30310
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30312