Google's June security updates address more than 90 vulnerabilities in the Android mobile operating system and Pixel devices. Among the patched flaws, there is a critical bug that could allow a potential attacker to take control of a vulnerable mobile device.

The most dangerous vulnerability in the suite has received the identifier CVE-2021-0507, and it impacts the System component in the Android OS. According to the description, this bug could enable a remote attacker to execute code within the context of a privileged process.

The System component was noted with another critical vulnerability - CVE-2021-0516, which could lead to elevation of privileges in the system.

In addition, in June, the developers patched CVE-2021-0511, with the help of which a local attacker could execute code and gain additional permissions in the system. Media Framework has also four bugs: CVE-2021-0508, CVE-2021-0509, CVE-2021-0510, CVE-2021-0520.

The rest of the vulnerabilities are the high severity issues (CVE-2020-14305, CVE-2021-0512, CVE-2021-0521), mostly they could lead to local escalation of privileges.

As for the Pixel, the vulnerabilities in these devices are mainly rated moderate in severity. Two of them are related to denial-of-service (DoS) - CVE-2020-1971 and CVE-2021-0555. Another vulnerability (CVE-2021-0557) could allow remote code execution in the Media Framework.

Source: anti-malware.ru