The May patches for the Android mobile operating system address a total of 42 vulnerabilities, including four considered critical severity. The developers urge everyone not to delay with their installation.

Update set 2021-05-01 contains patches for three critical flaws in the System component. All three flaws could be exploited remotely to execute code on vulnerable mobile devices.

Two of the three vulnerabilities received identifiers CVE-2021-0473 and CVE-2021-0474, they affect Android 8.1, 9, 10 and 11 releases. The third vulnerability - CVE-2021-0475 - impacts Android 10 and 11 only.

Five more flaws were found in the Android System, all rated high severity. Three bugs could allow for elevation of privilege, while the remaining two could lead to information disclosure.

Another patch set, released this month and numbered 2021-05-05, fixes 29 vulnerabilities in other Android components such as kernel, AMLogic, ARM, MediaTek, Unisoc, Qualcomm. The most dangerous of these vulnerabilities is CVE-2021-0467, a critical flaw in AMLogic BootROM that could allow an attacker to execute code at bootROM level.

Source: anti-malware.ru