Red Hot Cyber
Cybersecurity, Cybercrime News and Vulnerability Analysis
Android Colabrodo Edition: 120 vulnerabilities and two zero-days fixed

5 September 2025 07:46

Google developers have released security updates for Android that address 120 operating system vulnerabilities. Two of these vulnerabilities, according to the company, have already been exploited by hackers in targeted attacks.

The zero-day bugs fixed this month are CVE-2025-38352 (CVSS score 7.4), a privilege escalation flaw in the Linux kernel component, and CVE-2025-48543, a privilege escalation flaw in the Android Runtime component.

Google emphasizes that these vulnerabilities have already been exploited in limited, targeted attacks, but the company has not disclosed details about these incidents. The vulnerabilities are said to require no user interaction to be exploited.

CVE-2025-38352 is a vulnerability in the Linux kernel discovered on July 22, 2025, and fixed in versions 6.12.35-1 and later. The issue is related to a race condition in POSIX CPU timers and causes errors in the task cleanup routine, destabilizing the kernel and causing crashes, denial of service, and privilege escalations.

CVE-2025-48543, in turn, affects the Android Runtime, where Java/Kotlin applications and system services run. It potentially allows a malicious application to bypass sandbox protection and gain access to higher-level system functionality.

In addition to the two actively exploited zero-day bugs, the September update fixed four critical bugs.

CVE-2025-48539, a Remote Code Execution (RCE) bug in the Android system component, allows an attacker in close physical or network proximity (for example, within Bluetooth or Wi-Fi range) to execute arbitrary code on the device without any user interaction or privileges.

Vulnerabilities CVE-2025-21450, CVE-2025-21483, and CVE-2025-27034 affect proprietary Qualcomm components. According to details provided by Qualcomm in its security bulletin, CVE-2025-21450 affects the GPS control system, CVE-2025-21483 concerns issues with the network data stacks, and CVE-2025-27034 concerns an issue in the multimodal call processor.

As usual, Google has prepared two patch levels, 2025-09-01 and 2025-09-05, to give partners the ability to more quickly fix some of the vulnerabilities common to all Android devices.
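An added example (not from the article or from Google) showing how the two patch levels can drive fleet triage: each device's reported `ro.build.version.security_patch` value is compared against 2025-09-01 and 2025-09-05, and the CVEs named above that remain unaddressed are listed. The device names and inventory are constructed, and the CVE-to-level mapping is an assumption not stated in the article.

```python
from datetime import date

PARTIAL, FULL = date(2025, 9, 1), date(2025, 9, 5)  # levels named in the article

# Assumed mapping (not stated in the article): platform components are
# fixed at 2025-09-01, kernel and Qualcomm components at 2025-09-05.
# Verify against the Android Security Bulletin before relying on it.
FIXED_AT = {
    "CVE-2025-48543": PARTIAL,  # Android Runtime
    "CVE-2025-48539": PARTIAL,  # System
    "CVE-2025-38352": FULL,     # Linux kernel
    "CVE-2025-21450": FULL,     # Qualcomm
    "CVE-2025-21483": FULL,     # Qualcomm
    "CVE-2025-27034": FULL,     # Qualcomm
}

def triage(raw):
    """Return (status, article CVEs not covered) for a patch-level string."""
    try:
        level = date.fromisoformat(raw.strip())
    except ValueError:
        # Missing or malformed value: treat every CVE as unaddressed.
        return "unknown", sorted(FIXED_AT)
    open_cves = sorted(c for c, fixed in FIXED_AT.items() if level < fixed)
    status = "full" if level >= FULL else "partial" if level >= PARTIAL else "outdated"
    return status, open_cves

# Constructed inventory: device name, reported security patch level.
INVENTORY = """pixel-lab-01,2025-09-05
tablet-kiosk-7,2025-09-01
phone-field-22,2025-08-05
scanner-03,unknown"""

def report(inventory=INVENTORY):
    """Map each device name to its triage result."""
    rows = (line.partition(",") for line in inventory.splitlines())
    return {name: triage(raw) for name, _, raw in rows}

if __name__ == "__main__":
    for name, (status, cves) in report().items():
        print(f"{name:16} {status:9} {', '.join(cves) or '-'}")
```

On a real device the value can be read with `adb shell getprop ro.build.version.security_patch`.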


Agostino Pellegrino
He is a freelancer, teacher and expert in Computer Forensics, Cyber Security and Ethical Hacking and Network Management. He has collaborated with leading educational institutions internationally and has practiced teaching and mentorship in advanced Offensive Security techniques for NATO obtaining major awards from the U.S. Government. His motto is "Study. Always."
Areas of Expertise: Cybersecurity architecture, Threat intelligence, Digital forensics, Offensive security, Incident response & SOAR, Malware analysis, Compliance & frameworks