Google has recently published its Android security bulletin for February that includes information on over 40 critical vulnerabilities. Most of them could lead to a high-severity elevation of privilege in the Android.
The first part of the update includes fixes for a total of 20 vulnerabilities, where 15 lead to elevation of privilege. The most important one is the critical flaw within the Media Framework component, allowing a cyber-attacker to execute arbitrary code for a vulnerable device.
The vulnerability has been tracked as CVE-2021-0325, where the threat actor needs to supply a particular file to trigger the bug. Two more flaws of high severity are named CVE-2021-0332 and CVE-2021-0335.
Source: SecurityWeek