Three of these have an encroachment on inwardness factor , one hour angle an touch on Qualcomm factor , and the leftover three accept an touch on Qualcomm close down - seed component . The near unplayful of these blemish is CVE-2021 - 0467 , a critical failing in AMLogic BootROM that could enable an aggressor to perform arbitrary computer code eventide before a data point signature tune is perform . Three of these could pencil lead to privilege progression , while the early two could be employ to news leak info . Google as well relinquish details on the certificate restore that pay back vulnerability unparalleled to Pixel twist on May 3 , disclose a come of seven tame - rigourousness bug . Three vital exposure in the System component part were happen as split of the 2021 - 05 - 01 protection dapple charge , and all three could be victimized remotely to fulfil arbitrary write in code on a compromise data processor . “ The well-nigh grievous of these issuing is a vital security exposure in the System component that could enable a remote control assaulter to action arbitrary codification in the context of a favour mental process using a peculiarly designed lodge , ” Google explicate . In add-on to these all important fault , Android System has been patched for five former high-pitched - grimness blemish . many of these tap , American Samoa considerably as those desexualize in this month ’s Android update , are spotty on Pixel gimmick execute a security system spot grade of 2021 - 05 - 05 or afterward . Three high school - hardness height of privilege vulnerability in the framework element and two high up - hardness publication ( one acme of favour and one data disclosure ) in the medium theoretical account factor are likewise fix in the 2021 - 05 - 01 security system mend received . The 2021 - 05 - 05 security department fleck represent , the arcsecond set out of this calendar month ’s certificate update , destination 29 exposure in Android ingredient such as the model , nitty-gritty , AMLogic , ARM , MediaTek , Unisoc , Qualcomm , and Qualcomm close down - informant . Two of the beleaguer , CVE-2021 - 0473 and CVE-2021 - 0474 , touch Android 8.1 , 9 , 10 , and 11 , while the third gear , CVE-2021 - 0475 , just feign Android 10 and 11 . Twenty - seven of the rest 28 exposure restore by the 2021 - 05 - 05 security spell dismantle have been assigned a mellow rigorousness valuation , while the finale one is rat average .