Google fixed actively exploited kernel zero-day flaw

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild.

The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104, that is being actively exploited in the wild.

“There are indications that CVE-2024-53104 may be under limited, targeted exploitation,” reads Google’s bulletin.

As usual, Google did not share details about the attacks exploiting the vulnerability.

The vulnerability is a privilege escalation flaw in the kernel’s USB Video Class (UVC) driver. An authenticated local attacker could exploit the flaw to elevate privileges in low-complexity attacks.

The issue stems from improper parsing of UVC_VS_UNDEFINED frames, causing miscalculation of the frame buffer size and potentially leading to arbitrary code execution or denial-of-service attacks.

“In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format. This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming,” reads the advisory.

Google released two security patch sets for February 2025: the 2025-02-01 and 2025-02-05 security patch levels.

Google also addressed a critical vulnerability, tracked as CVE-2024-45569 (CVSS score of 9.8), in Qualcomm’s WLAN component.

The flaw is a memory corruption issue while parsing the ML IE due to invalid frame content.

In November 2024, Google addressed two Android zero-days, tracked as CVE-2024-43047 and CVE-2024-43093, which were actively exploited in the wild.

Pierluigi Paganini

(SecurityAffairs – hacking, Google)