Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild.
The two high-severity vulnerabilities are listed below:
- CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to the "Android/data," "Android/obb," and "Android/sandbox" directories and their respective sub-directories.
- CVE-2024-50302 – A privilege escalation flaw in the HID USB component of the Linux kernel that could lead to a leak of uninitialized kernel memory to a local attacker through specially crafted HID reports.
It's worth noting that CVE-2024-43093 was previously flagged by Google in its security advisory for November 2024 as actively exploited in the wild. It isn't clear what prompted the tech giant to issue the alert a second time.
The Hacker News has reached out to Google for further comment, and we will update the story if we hear back.
CVE-2024-50302, on the other hand, is one of the three vulnerabilities that were chained into a zero-day exploit devised by Cellebrite to break into a Serbian youth activist's Android phone in December 2024.
The exploit involved the use of CVE-2024-53104, CVE-2024-53197, and CVE-2024-50302 to gain elevated privileges and likely deploy an Android spyware dubbed NoviSpy.
All three vulnerabilities reside in the Linux kernel and were patched late last year. CVE-2024-53104 was addressed by Google in Android last month.
In its advisory, Google acknowledged that both CVE-2024-43093 and CVE-2024-50302 have come under "limited, targeted exploitation."
The Mountain View-based company has released two security patch levels, 2025-03-01 and 2025-03-05, so as to give Android partners the flexibility to address the portion of vulnerabilities that are common across all Android devices more quickly. A device that reports the 2025-03-01 level has received only that common subset; the full set of March fixes is indicated by 2025-03-05.
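The practical check that follows from the two patch levels is whether a given device has reached 2025-03-05 or only 2025-03-01. The script below is an added example, not code from Google, Cellebrite or The Hacker News. It assumes the patch level is read from the standard Android system property `ro.build.version.security_patch` (via `adb shell getprop`), but takes the value as an argument so it runs offline against a constructed sample; the classification names (`unpatched`, `partial`, `complete`, `invalid`) are this example's own.

```shell
#!/bin/sh
# Added example: classify an Android device's reported security patch level
# against the two March 2025 patch levels named in the bulletin.
# On a real device the value comes from:
#   adb shell getprop ro.build.version.security_patch
# Here it is passed as $1 (or a constructed default) so the script runs offline.

PARTIAL_LEVEL="2025-03-01"   # first March 2025 level: the subset common to all devices
COMPLETE_LEVEL="2025-03-05"  # second March 2025 level: the complete bulletin

# Turn a YYYY-MM-DD patch level into the integer YYYYMMDD so POSIX test can
# compare it numerically. Returns non-zero for anything that is not that shape.
level_to_int() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9])
            printf '%s\n' "$1" | sed 's/-//g' ;;
        *)
            return 1 ;;
    esac
}

# Prints one of: invalid, unpatched, partial, complete.
# Exit status is 0 only for "complete", so the function can gate a fleet check.
classify_patch_level() {
    lvl=$(level_to_int "$1") || { echo invalid; return 2; }
    part=$(level_to_int "$PARTIAL_LEVEL")
    full=$(level_to_int "$COMPLETE_LEVEL")
    if [ "$lvl" -lt "$part" ]; then
        echo unpatched; return 1
    elif [ "$lvl" -lt "$full" ]; then
        # Has the 2025-03-01 subset but not the remaining March fixes.
        echo partial; return 1
    else
        echo complete; return 0
    fi
}

# Demo against a constructed sample value; replace it with the getprop output.
SAMPLE_LEVEL="${1:-2025-03-01}"
echo "device patch level $SAMPLE_LEVEL -> $(classify_patch_level "$SAMPLE_LEVEL")"
```

Because the patch level is a date string, a device reporting 2025-03-01 is classified `partial` rather than patched: it is on the first level but has not necessarily received the rest of the March fixes, which is the distinction the two-level scheme exists to express.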