Summary: The January 2025 Android security updates address 48 vulnerabilities, including a high-severity zero-day vulnerability actively exploited in the wild. This update features critical patches for privilege escalation in the Android kernel and a firmware memory corruption flaw in Qualcomm’s WLAN component. Google has issued two patch levels to ensure timely updates for its Pixel devices, with other manufacturers following after necessary testing.
Affected: Android Operating System, Qualcomm WLAN Component
Keypoints :
- Zero-day vulnerability (CVE-2024-53104) in the Android Kernel allows local threat actors to execute low-complexity attacks.
- Critical flaw (CVE-2024-45569) in Qualcomm’s WLAN component enables remote attackers to execute arbitrary code without needing user interaction.
- Google Pixel devices will receive immediate updates, while other manufacturers may take additional time for testing and implementation.