Redazione RHC : 5 September 2025 07:46
Google developers have released security updates for Android that address 120 operating system vulnerabilities. Two of these vulnerabilities, according to the company, have already been exploited by hackers in targeted attacks.
The two zero-day bugs fixed this month are CVE-2025-38352 (CVSS score 7.4), a privilege escalation in the Linux kernel component, and CVE-2025-48543, a privilege escalation in the Android Runtime component.
Google emphasizes that these vulnerabilities have already been exploited in limited, targeted attacks, but the company has not disclosed details about these incidents. The vulnerabilities are said to require no user interaction to be exploited.
CVE-2025-38352 is a vulnerability in the Linux kernel discovered on July 22, 2025, and fixed in versions 6.12.35-1 and later. The issue is related to a race condition in POSIX CPU timers and causes errors in the task cleanup routine, destabilizing the kernel and causing crashes, denial of service, and privilege escalations.
CVE-2025-48543, in turn, affects the Android Runtime, where Java/Kotlin applications and system services run. It potentially allows a malicious application to bypass sandbox protection and gain access to higher-level system functionality.
In addition to the two actively exploited zero-day bugs, the September update fixed four critical bugs.
CVE-2025-48539, a Remote Code Execution (RCE) bug in the Android system component, allows an attacker in close physical or network proximity (for example, within Bluetooth or Wi-Fi range) to execute arbitrary code on the device without any user interaction or privileges.
The vulnerabilities CVE-2025-21450, CVE-2025-21483, and CVE-2025-27034 affect proprietary Qualcomm components. According to the details Qualcomm provides in its security bulletin, CVE-2025-21450 affects the GPS control system, CVE-2025-21483 concerns issues in the network data stacks, and CVE-2025-27034 concerns an issue in the multi-mode call processor.
As usual, Google has published two patch levels, 2025-09-01 and 2025-09-05, so that partners can more quickly fix the subset of vulnerabilities common to all Android devices.