Summary: Google has released the February 2025 Android security update, addressing 46 vulnerabilities, including a critical flaw in the Linux kernel (CVE-2024-53104), which is currently under active exploitation. The update fixes a high-severity out-of-bounds write vulnerability that could allow attackers to elevate privileges on devices. Users are advised to update their devices to the latest security patch level to mitigate potential threats.
Affected: Android devices and Wear OS
Keypoints :
- 46 vulnerabilities addressed in the February 2025 security update.
- CVE-2024-53104 is a critical vulnerability with a CVSS score of 7.8, allowing privilege escalation.
- The update resolves issues in both Framework, Platform, and System components.
- First part of the update (2025-02-01) addresses 23 vulnerabilities, while the second part (2025-02-05) fixes 23 more.
- Wear OS received a patch for one vulnerability; no updates for Android Automotive OS were released.
Source: https://www.securityweek.com/vulnerability-patched-in-android-possibly-exploited-by-forensic-tools/