Google on Monday released its February 2025 security patches, which address 48 vulnerabilities, including a critical zero-day vulnerability affecting the Android kernel that was being actively exploited in attacks.
Tracked as CVE-2024-53104, the zero-day flaw has been described as a high-severity issue affecting the Android Kernel’s USB Video Class (UVC) driver.
What’s the vulnerability?
This vulnerability is a privilege escalation security flaw in Android’s USB Video Class driver, which if exploited, can allow an authenticated attacker to elevate privileges in low-complexity attacks on targeted devices.
The zero-day flaw resides in the uvc_parse_format function. Improper parsing of UVC_VS_UNDEFINED type frames can cause the buffer size of frames to be miscalculated.
This can lead to out-of-bounds writes since frames of this type were not considered when calculating the frame buffer size in uvc_parse_streaming.
This can potentially allow attackers to execute arbitrary code on a vulnerable Android phone or trigger denial-of-service conditions.
“In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming,” reads the advisory.
“There are indications that CVE-2024-36971 may be under limited, targeted exploitation”, the search giant noted in its February 2025 monthly Android security advisory.
Additionally, Google addressed a critical security flaw, CVE-2024-45569 (CVSS score of 9.8), in Qualcomm’s WLAN component. Qualcomm states this flaw is a memory corruption issue caused by an Improper Validation of the Array Index in WLAN Host Communication when parsing the ML IE due to invalid frame content.
Patches Released
Google has released two patch sets, the 2025-02-01 and 2025-02-05 security patch levels, as part of the February 2025 security updates.
While Google Pixel devices receive security updates immediately, other manufacturers may experience delays due to the additional testing required to ensure the security patches are compatible with various hardware configurations.
Hence, Android users are strongly advised to install the 2025-02-01 and 2025-02-05 security patch levels as soon as possible to safeguard their devices and themselves from major security threats.
