CVE-2021-0060 is a vulnerability that affects Android devices running on versions 8.0, 8.1, 9, 10, and 11 that use Qualcomm Snapdragon chips. The vulnerability allows attackers to execute arbitrary code within the context of an application, allowing them to potentially take control of the device or steal sensitive information. This vulnerability was discovered and reported by security researchers in January 2021.
The vulnerability was caused by a flaw in the Qualcomm Graphics driver that allowed an attacker to gain elevated privileges on the affected devices. Specifically, the vulnerability existed in the Adreno GPU driver, which handles graphics rendering on Snapdragon chips. Attackers could exploit this vulnerability by tricking users into installing a malicious application that then triggered the flaw.
Google released a patch for the vulnerability as part of its February 2021 security update. Users of affected devices should ensure that they have installed the latest security updates to protect themselves from potential exploitation of this vulnerability. It is important for device manufacturers and software developers to regularly monitor and patch vulnerabilities in their products to ensure the safety and security of their users' data.