Jump to content
  • Sign Up
×
×
  • Create New...
New feature: 1 Vote = 0.10€ for server Owner!

Google Rolls Out February 2025 Security Patch for Android With 47 Fixes

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted

This is the hidden content, please

This is the hidden content, please
Rolls Out February 2025 Security Patch for Android With 47 Fixes

This is the hidden content, please
on Monday released the February 2025 security patch for Android devices. The update brings crucial security fixes for discovered vulnerabilities, ranging from high to critical severity, including one CVE which is said to have been “actively exploited”. Several flaws target devices powered by Arm, Imagination Technologies, MediaTek, Qualcomm, and Unisoc components, while other vulnerabilities affect general system components such as framework and kernel.

February 2025 Security Patch for Android

This is the hidden content, please
to
This is the hidden content, please
’s Android Security Bulletin for February 2025, a total of 47 discovered vulnerabilities have been patched with the latest update. Following the rollout, the Mountain View-based technology giant has also released the source code patches for these issues to the Android Open Source Project (AOSP) repository.
This is the hidden content, please
notes that one of the vulnerabilities, with the identifier CVE-2024-53104, is related to the USB Video Class (UVC) driver subcomponent and may be “under limited, targeted exploitation”.

With a high severity and a CVSS score of 7.8, it could lead to “physical escalation of privilege with no additional execution privileges needed”, as per the bulletin. While

This is the hidden content, please
has not shared any other details, the National Vulnerability Database, which is the US government’s repository of standards-based vulnerability management data,
This is the hidden content, please
it as a video subsystem flaw in the Linux kernel.

It occurred when the uvc_parse_format function tried handling UVC_VS_UNDEFINED frame but skipped or ignored the undefined frames, parsing them instead. The uvc_parse_streaming function, which calculates the buffer size, created this vulnerability as it tried to calculate the buffer size for the expected frames but did not account for the undefined ones. Thus, its attempt to write data steered past the allocated buffer size, creating an out-of-bounds write.

Out of the 47 vulnerabilities patched with the February 2025 update, only one has been labelled a “critical” severity, CVE-2024-45569. It has a CVSS rating of 9.8. The flaw affects WLAN subcomponent in Qualcomm devices. It also addresses issues related to framework, kernel, platform, and system.



This is the hidden content, please

#

This is the hidden content, please
#Rolls #February #Security #Patch #Android #Fixes

This is the hidden content, please

This is the hidden content, please

0

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept