In its April 2025 security advisory, Google addressed 62 security flaws in Android, including two that were actively exploited.
The two most serious vulnerabilities are:
• CVE-2024-53150: this out-of-bounds read vulnerability in the USB sub-component of the Linux kernel could allow local attackers to access sensitive information from kernel memory.
• CVE-2024-53197: this privilege escalation vulnerability in the USB sub-component of the kernel could allow an attacker to gain higher-level access to the system, enabling them to perform actions they normally should not be able to.
Google said the worst issue is a vulnerability in the system that could let attackers take control remotely without needing extra permissions or user involvement.
Google has confirmed that both CVE-2024-53150 and CVE-2024-53197 may have been subject to limited, targeted exploitation.
Notably, CVE-2024-53197 impacts the Linux kernel and was resolved last year, along with two other vulnerabilities (CVE-2024-53104 and CVE-2024-50302). These three vulnerabilities were combined to hack into a Serbian youth activist’s Android phone in December 2024.
Google fixed CVE-2024-53104 in February 2025, and last month, CVE-2024-50302 was addressed. With the latest update, all three vulnerabilities have been patched, closing the security gap.
Information on how CVE-2024-53150 has been exploited in attacks, the individuals behind them, and their potential targets is currently unavailable. Android users are advised to install the updates as soon as the device makers (OEMs) release them.