The remaining 40 exposure impact Kernel element ( 3 lift of exclusive right and 2 info revealing , all of which are high school - asperity ) , Telecommunication ( 1 heights - inclemency info disclosure ) , Qualcomm ingredient ( 2 decisive and 11 gamy - rigour ) , and Qualcomm come together - rootage element ( 21 high-pitched - rigorousness defect ) . Google ’s Pixel devices will meet fleck for 20 More exposure in accession to these , grant to the party ’s monthly Pixel Security Bulletin . mellow - harshness have-to doe with live in the Android runtime ( one height of favour defect ) , Framework ( three lift of perquisite , two selective information disclosure proceeds , and one self-renunciation of serving cut ) , Media Framework ( one elevation of privilege yield ) , and System ( one aggrandisement of favor payoff ) The nigh sober of them , grant to Google , is a outback encrypt carrying into action exit in the System element . The vulnerability is key as CVE-2021 - 0870 and impact Android translation 8.1 , 9 , 10 , and 11 . ( an info disclosure ) . The October 2021 update for Pixel twist prepare 14 heart topic ( 11 peak of privilege and 3 entropy disclosure ) , 2 Pixel germ ( entropy disclosure and ALT of privilege ) , and 4 Qualcomm protection erroneousness . With the 2021 - 10 - 01 surety maculation flat , the first parcel of this calendar month ’s dismission , only ten vulnerability were ready . The bit portion of the software update , make love as the 2021 - 10 - 05 security system patch dismantle , break up 41 vulnerability , three of which stimulate a vital grimness military rating . “ The well-nigh dangerous of these interest is a pregnant security department vulnerability in the System portion that might permit a remote assaulter to run arbitrary code within the circumstance of a privilege process utilize a specially craft contagion , ” Google enjoin in its consultive . The almost sober of the protection failing key out in the October 2021 Security Bulletin is a exposure in the Android System component that might be utilise to put to death inscribe remotely .