{"id":233155,"date":"2025-02-06T13:15:12","date_gmt":"2025-02-06T13:15:12","guid":{"rendered":"https:\/\/news.talkwithrattan.com\/index.php\/2025\/02\/06\/google-rolls-out-february-2025-security-patch-for-android-with-47-fixes\/"},"modified":"2025-02-06T13:15:12","modified_gmt":"2025-02-06T13:15:12","slug":"google-rolls-out-february-2025-security-patch-for-android-with-47-fixes","status":"publish","type":"post","link":"https:\/\/news.talkwithrattan.com\/index.php\/2025\/02\/06\/google-rolls-out-february-2025-security-patch-for-android-with-47-fixes\/","title":{"rendered":"Google Rolls Out February 2025 Security Patch for Android With 47 Fixes"},"content":{"rendered":"
\"Google<\/div>


\n<\/p>\n

\n

Google<\/a> on Monday released the February 2025 security patch for Android<\/a> devices. The update brings crucial security fixes for discovered vulnerabilities, ranging from high to critical severity, including one CVE which is said to have been \u201cactively exploited\u201d. Several flaws target devices powered by Arm, Imagination Technologies, MediaTek, Qualcomm, and Unisoc components, while other vulnerabilities affect general system components such as framework and kernel.<\/p>\n

February 2025 Security Patch for Android<\/h2>\n

According<\/a> to Google’s Android Security Bulletin for February 2025, a total of 47 discovered vulnerabilities have been patched with the latest update. Following the rollout, the Mountain View-based technology giant has also released the source code patches for these issues to the Android Open Source Project (AOSP) repository. Google notes that one of the vulnerabilities, with the identifier CVE-2024-53104, is related to the USB Video Class (UVC) driver subcomponent and may be \u201cunder limited, targeted exploitation\u201d.<\/p>\n

With a high severity and a CVSS score of 7.8, it could lead to \u201cphysical escalation of privilege with no additional execution privileges needed\u201d, as per the bulletin. While Google has not shared any other details, the National Vulnerability Database, which is the US government’s repository of standards-based vulnerability management data, describes<\/a> it as a video subsystem flaw in the Linux kernel.<\/p>\n

It occurred when the uvc_parse_format<\/strong> function tried handling UVC_VS_UNDEFINED<\/strong> frame but skipped or ignored the undefined frames, parsing them instead. The uvc_parse_streaming<\/strong> function, which calculates the buffer size, created this vulnerability as it tried to calculate the buffer size for the expected frames but did not account for the undefined ones. Thus, its attempt to write data steered past the allocated buffer size, creating an out-of-bounds write.<\/p>\n

Out of the 47 vulnerabilities patched with the February 2025 update, only one has been labelled a \u201ccritical\u201d severity, CVE-2024-45569. It has a CVSS rating of 9.8. The flaw affects WLAN subcomponent in Qualcomm devices. It also addresses issues related to framework, kernel, platform, and system.<\/p>\n<\/div>\n


\n
Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Google on Monday released the February 2025 security patch for Android devices. The update brings crucial security fixes for discovered vulnerabilities, ranging from high to critical severity, including one CVE which is said to have been \u201cactively exploited\u201d. Several flaws target devices powered by Arm, Imagination Technologies, MediaTek, Qualcomm, and Unisoc components, while other vulnerabilities […]<\/p>\n","protected":false},"author":2,"featured_media":233156,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","fifu_image_url":"https:\/\/i.gadgets360cdn.com\/large\/android_15_2_1733488737918.jpg","fifu_image_alt":"","footnotes":""},"categories":[607],"tags":[4351,148771,9275,182102,11217,1098,182105,182103,182104,8968,4157,2441],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/posts\/233155"}],"collection":[{"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/comments?post=233155"}],"version-history":[{"count":1,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/posts\/233155\/revisions"}],"predecessor-version":[{"id":233157,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/posts\/233155\/revisions\/233157"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/media\/233156"}],"wp:attachment":[{"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/media?parent=233155"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/categories?post=233155"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.talkwithrattan.com\/index.php\/wp-json\/wp\/v2\/tags?post=233155"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}