Google’s latest Android Security Bulletin patching 111 vulnerabilities includes two actively exploited zero-day flaws affecting Android Runtime and the Linux kernel. The severity of these vulnerabilities emphasizes the importance of immediate updates to protect devices from privilege escalation attacks. #CVE-2025-48543 #CVE-2025-38352
Keypoints
- Google has patched 111 vulnerabilities in its September 2025 Android Security Bulletin.
- Two zero-day vulnerabilities, CVE-2025-48543 and CVE-2025-38352, are actively exploited in targeted attacks.
- The CVE-2025-48543 flaw impacts Android versions 13 to 16 and enables privilege escalation via Android Runtime.
- The CVE-2025-38352 bug involves a race condition in the Linux kernel’s handling of POSIX CPU timers.
- Google recommends users update their devices immediately to mitigate active threats and ensure security.
Read More: https://thecyberexpress.com/cve-2025-48543-and-cve-2025-38352/