image credit: pixabay
The zero-day vulnerability is tracked as CVE-2021-1048 and Google says there is evidence that the flaw has been exploited in limited, targeted attacks. The internet giant described it as a use-after-free bug in the kernel that can be exploited for local privilege escalation.
No other information has been provided about the attacks exploiting CVE-2021-1048, but the targeted nature of the attacks suggests that they have been carried out by a state-sponsored threat group, likely for espionage purposes.
Comments are closed.
