Security News > 2025 > April > Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
2025-04-08 04:05
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-53150 (CVSS score: 7.8) - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure CVE-2024-53197 (CVSS score: 7.8) - A privilege escalation flaw in the USB sub-component of Kernel
News URL
https://thehackernews.com/2025/04/google-releases-android-update-to-patch.html
Related news
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Google adds Android auto-reboot to block forensic data extractions (source)
- Google fixes actively exploited FreeType flaw on Android (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google’s Advanced Protection Now on Android (source)
- Google strengthens secure enterprise access from BYOD Android devices (source)
- Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-27 | CVE-2024-53197 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. | 0.0 |
| 2024-12-24 | CVE-2024-53150 | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. | 7.1 |