SB2025020380 - Multiple vulnerabilities in Google Android
Published: February 3, 2025 Updated: June 13, 2025
Description
This security bulletin contains information about 46 security vulnerabilities.
1) Improper Validation of Array Index (CVE-ID: CVE-2024-45569)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation in WLAN Host Communication. A remote attacker can execute arbitrary code.
2) Buffer overflow (CVE-ID: CVE-2024-38420)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error while configuring a Hypervisor based input virtual device. A local user can trigger memory corruption and execute arbitrary code on the target system.
3) Buffer over-read (CVE-ID: CVE-2024-38404)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Multi Mode Call Processor. A remote attacker can perform a denial of service (DoS) attack.
4) Improper Validation of Array Index (CVE-ID: CVE-2024-49843)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Graphics_Linux. A local application can execute arbitrary code.
5) Buffer over-read (CVE-ID: CVE-2024-49839)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in WLAN Host Cmn. A remote attacker can read and manipulate data.
6) Improper Validation of Array Index (CVE-ID: CVE-2024-49834)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.
7) Improper Validation of Array Index (CVE-ID: CVE-2024-49833)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.
8) Improper Validation of Array Index (CVE-ID: CVE-2024-49832)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.
9) Improper Validation of Array Index (CVE-ID: CVE-2024-45582)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera Driver. A local application can execute arbitrary code.
10) Use After Free (CVE-ID: CVE-2024-45571)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in WLAN Host Communication. A local application can execute arbitrary code.
11) Out-of-bounds write (CVE-ID: CVE-2024-53104)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited in the wild.
12) Out-of-bounds write (CVE-ID: CVE-2024-52935)
The vulnerability allows a guest OS to execute arbitrary code.
The vulnerability exists due to a boundary error when processing untrusted input. Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest’s virtualised GPU memory.
13) Use-after-free (CVE-ID: CVE-2024-47892)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA). A local user can conduct GPU system calls to read and write freed physical memory from the GPU.
14) Use-after-free (CVE-ID: CVE-2024-46973)
The vulnerability allows a local process to escalate privileges on the system.
The vulnerability exists due to reference count mismanagement in psServerMMUContext. A local process can trigger a use-after-free error and escalate privileges on the system.
15) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-43705)
The vulnerability allows a local process to overwrite read-only memory.
The vulnerability exists due to improper privilege management in PVRSRVBridgePhysmemWrapExtMem. A local process can write to arbitrary read-only system files that have been mapped into application memory.
16) Use-after-free (CVE-ID: CVE-2025-0015)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error. A local application can execute arbitrary code with elevated privileges.
17) Race condition (CVE-ID: CVE-2025-0088)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in SPF. A local user can exploit the race and escalate privileges on the system.
18) Information exposure (CVE-ID: CVE-2024-49729)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
19) Improper input validation (CVE-ID: CVE-2025-0091)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
20) Improper input validation (CVE-ID: CVE-2025-0094)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Platform component. A local application can execute arbitrary code.
21) Improper input validation (CVE-ID: CVE-2024-49741)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
22) Information exposure (CVE-ID: CVE-2025-0100)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
23) Improper input validation (CVE-ID: CVE-2025-0099)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
24) Improper input validation (CVE-ID: CVE-2025-0097)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
25) Improper input validation (CVE-ID: CVE-2024-49746)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
26) Improper input validation (CVE-ID: CVE-2024-49743)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
27) Improper input validation (CVE-ID: CVE-2024-49721)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
28) Improper input validation (CVE-ID: CVE-2025-0098)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
29) Information exposure (CVE-ID: CVE-2024-49723)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
30) Improper input validation (CVE-ID: CVE-2025-0096)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
31) Improper input validation (CVE-ID: CVE-2025-0095)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
32) Out-of-bounds write (CVE-ID: CVE-2025-20634)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to a missing bounds check within Modem. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.
33) Write-what-where Condition (CVE-ID: CVE-2024-20141)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.
34) Out-of-bounds write (CVE-ID: CVE-2024-20142)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.
35) Out-of-bounds write (CVE-ID: CVE-2025-20635)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.
36) Out-of-bounds write (CVE-ID: CVE-2025-20636)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within secmem. A local application can execute arbitrary code.
37) Information exposure (CVE-ID: CVE-2023-40122)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
38) Information exposure (CVE-ID: CVE-2023-40133)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
39) Information exposure (CVE-ID: CVE-2023-40134)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
40) Information exposure (CVE-ID: CVE-2023-40135)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
41) Information exposure (CVE-ID: CVE-2023-40136)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
42) Information exposure (CVE-ID: CVE-2023-40137)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
43) Information exposure (CVE-ID: CVE-2023-40138)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
44) Information exposure (CVE-ID: CVE-2023-40139)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
45) Information exposure (CVE-ID: CVE-2024-0037)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
46) Information exposure (CVE-ID: CVE-2024-39441)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to a possible missing permission check within the wifi display in Android. A remote attacker can trick the victim into opening a specially crafted file and read and manipulate data.
Remediation
Install updates from the vendor's website.
References
- https://source.android.com/docs/security/bulletin/2025-02-01#spl-details
- https://android.googlesource.com/platform/system/core/+/a1b00e3f3412c6de6fddb53e603264deb248dace
- https://source.android.com/docs/security/bulletin/2025-02-01
- https://android.googlesource.com/platform/packages/apps/Settings/+/e3bbc415adb51975aeade545725b6931099d412e
- https://android.googlesource.com/platform/packages/apps/Settings/+/c86bccb4e1d3af30e7e89310a3f176091eb497ef
- https://android.googlesource.com/platform/frameworks/base/+/047bc1ce62f84aa0bd5827b49edb330e1cc2da8b
- https://android.googlesource.com/platform/frameworks/base/+/0e462ffab7727e282af15945aeecdb9b1709e4e9
- https://android.googlesource.com/platform/frameworks/base/+/7946586c33503bc383403faec48ffcea39e365ac
- https://android.googlesource.com/platform/frameworks/base/+/a4a8fca641b0671a8c1d2bb3857dc5fc40d01704
- https://android.googlesource.com/platform/frameworks/native/+/9aaf913c6f0efc93e805a6baa02d2077108809e1
- https://android.googlesource.com/platform/frameworks/native/+/b3cdb06ab9137a67e4ee212ae6655de383fdaaaa
- https://android.googlesource.com/platform/frameworks/base/+/72a3d2d72c39fd48f0a960a1b3c1e16e307421df
- https://android.googlesource.com/platform/frameworks/base/+/b8a1a5d47c3916fe08deefaefd8772092b4fb03c
- https://android.googlesource.com/platform/frameworks/base/+/f1fd60bb80f9ea95c61b5392102a4afedd948188
- https://android.googlesource.com/platform/frameworks/base/+/7714ccb85ed961083dcc97e230c71242c3422b5e
- https://android.googlesource.com/platform/frameworks/base/+/9515a9448c528d45c9b673e2e9b61971bc7e58c1
- https://android.googlesource.com/platform/external/conscrypt/+/79117043c54eb2fc91ece695c90938d60904d59f
- https://android.googlesource.com/platform/libcore/+/c9d01a45928e0cdd2e6102c1c0ecf23a9de3601f
- https://android.googlesource.com/platform/hardware/st/nfc/+/58728fc8363b3b073f1561b253da4a42998fed11
- https://android.googlesource.com/platform/packages/apps/Settings/+/4b99ae729036d9d8bb75fa9503c10e7c87b27c2c