Critical Android update: fixes a dangerous security flaw

Google has patched 47 security vulnerabilities in its February Android operating system update, including a critical vulnerability that was being actively exploited. The update not only improves device security, but also eliminates threats that could have seriously compromised user data.

Vulnerability discovered in 2024

The main focus of this security update is CVE-2024-53104, a high-severity vulnerability that affects the USB Video Class (UVC) driver in the Linux kernel.

The vulnerability, first discovered in November 2024, has a CVSS rating of 7.8 and could allow attackers to escalate system privileges, execute arbitrary code, or cause a device crash.

The issue dates back to 2008, when Linux version 2.6.26 was released, and involves improper processing of video frames—specifically, an out-of-bounds write error in the “uvc_parse_format” function.

Vulnerability also found in Qualcomm chips

CVE-2024-53104 was exploited in a limited but targeted manner, and the attack method involves a “physical” privilege escalation.

This suggests that the vulnerability could have been used in forensic tools to extract data from older devices.

In addition to CVE-2024-53104, Qualcomm has also fixed a critical vulnerability in its WLAN components, labeled CVE-2024-45569, which has a very high CVSS score of 9.8.

This vulnerability concerns a memory corruption issue caused by improper array index checking when processing network control frames. This poses a high risk of remote code execution.

Qualcomm chips are widely used in Android devices.

Google Pixel users will get access first

The Android security update includes two patch levels, 2025-02-01 and 2025-02-05, giving Android partners flexibility to address common vulnerabilities.

The second update includes additional fixes for vulnerabilities in the kernel and third-party components, especially from vendors such as Arm, Imagination Technologies, MediaTek, and Unisoc.

As usual, Google Pixel users will get early access to these patches, while devices from other manufacturers often receive security updates more slowly, as they need to tailor security measures to their specially designed devices.
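Because other manufacturers ship these patches later, it helps to check which of the two levels each device actually reports. The script below is an added example, not part of the original article: it classifies reported patch-level strings against 2025-02-01 and 2025-02-05. It assumes the value is read from the Android system property `ro.build.version.security_patch`; the device names and inventory lines are constructed.

```shell
#!/bin/sh
# Added example: classify Android security patch levels against the two
# February 2025 levels named in the article. On a real device the value
# comes from:
#   adb shell getprop ro.build.version.security_patch

BASE_LEVEL=20250201   # 2025-02-01 patch level
FULL_LEVEL=20250205   # 2025-02-05 level (adds kernel and third-party fixes)

# classify_patch_level YYYY-MM-DD -> invalid | outdated | partial | full
classify_patch_level() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;   # missing or malformed value
    esac
    n=$(printf '%s' "$1" | tr -d '-')  # ISO date -> comparable integer
    if [ "$n" -ge "$FULL_LEVEL" ]; then
        echo full
    elif [ "$n" -ge "$BASE_LEVEL" ]; then
        echo partial
    else
        echo outdated
    fi
}

# report_fleet reads "name level" lines on stdin and prints "name status".
report_fleet() {
    while read -r name level; do
        [ -n "$name" ] || continue
        printf '%s %s\n' "$name" "$(classify_patch_level "$level")"
    done
}

# Constructed sample inventory (hypothetical device names).
sample_inventory() {
    cat <<'EOF'
pixel-lab-01 2025-02-05
tablet-kiosk-07 2025-02-01
phone-legacy-12 2024-11-05
scanner-03 unknown
EOF
}

# Count devices on stdin that do not yet report the 2025-02-05 level.
count_needing_update() {
    report_fleet | grep -c -v ' full$' || true
}

sample_inventory | report_fleet
```

A device reported as `partial` is at 2025-02-01 but has not reached the level that, per the article, adds the kernel and third-party component fixes.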
