
Google has released its February 2025 Android security updates, addressing 48 vulnerabilities, including a significant zero-day kernel flaw actively exploited in the wild. The update comes in two patch levels: 2025-02-01 and 2025-02-05.
Key Vulnerabilities Addressed:
1. Zero-Day Kernel Vulnerability (CVE-2024-53104):
– High-severity privilege escalation flaw in Android’s USB Video Class driver
– Allows authenticated local attackers to elevate privileges
– Stems from improper frame parsing in the uvc_parse_format function
– Can lead to out-of-bounds writes, enabling code execution or DoS attacks
2. Qualcomm WLAN Vulnerability (CVE-2024-45569):
– Critical firmware memory corruption issue
– Affects WLAN host communication
– Enables remote code execution without user interaction
– Requires no privileges for exploitation
Patch Distribution:
– Google Pixel devices receive immediate updates
– Other manufacturers may delay for hardware-specific testing
– 2025-02-05 patch level includes additional fixes for third-party components
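Because vendors ship these fixes on different schedules, a fleet audit has to separate devices on neither patch level, devices on 2025-02-01 only, and devices on 2025-02-05 or later. The following Python sketch is an added example, not code from Google or from the original article; the inventory format, serials and model names are constructed, and it assumes patch levels are cumulative, so a later date covers an earlier one.

```python
import re
from datetime import date

# Patch levels named in the article.
FIRST_LEVEL = date(2025, 2, 1)
SECOND_LEVEL = date(2025, 2, 5)

# Constructed sample inventory (assumed format): serial,model,security_patch.
# On a real device the third field is the value reported by
# `adb shell getprop ro.build.version.security_patch`.
SAMPLE_INVENTORY = """\
A1,Pixel 8,2025-02-05
B2,Vendor X,2025-02-01
C3,Vendor Y,2025-01-05
D4,Vendor Z,
E5,Pixel 9,2025-03-01
F6,Vendor X,2025-02-31
"""

def classify_patch_level(raw):
    """Map one patch-level string to missing / partial / complete / unknown."""
    text = (raw or "").strip()
    if not re.fullmatch(r"\d{4}-\d{2}-\d{2}", text):
        return "unknown"  # empty or malformed value: treat as unverified
    try:
        level = date.fromisoformat(text)
    except ValueError:  # well-formed but impossible date, e.g. 2025-02-31
        return "unknown"
    if level < FIRST_LEVEL:
        return "missing"   # none of the February 2025 fixes
    if level < SECOND_LEVEL:
        return "partial"   # lacks the additional 2025-02-05 fixes
    return "complete"

def audit(inventory_text):
    """Group device serials by patch status."""
    report = {"missing": [], "partial": [], "complete": [], "unknown": []}
    for line in inventory_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = [f.strip() for f in line.split(",")]
        patch = fields[2] if len(fields) >= 3 else ""
        report[classify_patch_level(patch)].append(fields[0])
    return report

if __name__ == "__main__":
    for status, serials in audit(SAMPLE_INVENTORY).items():
        print(f"{status:8} {', '.join(serials) or '-'}")
```

Devices that land in "unknown" should be handled as unpatched until their patch level can be read directly.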
Recent Context:
In November, Google addressed two other actively exploited zero-days (CVE-2024-43047 and CVE-2024-43093), with CVE-2024-43047 notably used in NoviSpy spyware attacks targeting activists and journalists in Serbia.