Android drops 120 flaw fixes, two exploited in the wild

"Patch Tuesday is next week, but Android is ahead of the game, dropping its biggest patch bundle this year while attackers actively exploit two of the now-fixed flaws. This month, the world's most popular mobile operating system pushed out 120 patches, its biggest monthly dump this year. It's a far cry from July, when Android didn't issue a single patch as everything was apparently fine, but in September, two of the flaws may be under 'limited, targeted exploitation.'"
"The two biggest concerns are CVE-2025-38352, a high-severity problem with the Linux kernel at the heart of the operating system, and CVE-2025-48543, a high-severity issue with Android's runtime environment hosting apps. An attacker can escalate local privileges with both flaws, without even requiring user interaction. Google declined to name who is exploiting the flaws or how, but the language suggests that a surveillanceware company is using them to break in."
Android pushed 120 security patches, its largest monthly bundle this year, addressing multiple high-severity flaws. Two high-severity vulnerabilities, CVE-2025-38352 in the Linux kernel and CVE-2025-48543 in the Android runtime, allow local privilege escalation without user interaction and show signs of limited, targeted exploitation. Google declined to identify who is exploiting the flaws; a Hong Kong CERT reiterated the signs of exploitation, while Citizen Lab reported no detections. The update also fixes three critical flaws in Qualcomm components: GPS control, network data stacks, and the multi-mode call processor. Qualcomm extended component support timelines, and Imagination Technologies received ten fixes.
Read at The Register