Summary: Google has published its March 2025 Android Security Bulletin, addressing 44 vulnerabilities, including two high-severity flaws actively exploited in the wild. Notably, these vulnerabilities, CVE-2024-43093 and CVE-2024-50302, stem from privilege escalation issues within the Android framework and Linux kernel respectively. Google has advised its partners and users to implement the latest security patches to mitigate the risks associated with these vulnerabilities.
Affected: Android Operating System
Keypoints :
- 44 vulnerabilities addressed in the March 2025 Android Security Bulletin.
- CVE-2024-43093 allows unauthorized access to sensitive directories within Android.
- CVE-2024-50302 could lead to uninitialized kernel memory being leaked to local attackers.
- Both vulnerabilities are part of “limited, targeted exploitation” incidents.
- Google has released security patch levels 2025-03-01 and 2025-03-05 to expedite vulnerability remediation.
Source: https://thehackernews.com/2025/03/googles-march-2025-android-security.html