Mountain View, California – Google has recently released patches for 62 vulnerabilities, with two of them being actively exploited in the wild. These high-severity vulnerabilities include an out-of-bounds flaw in the USB sub-component of Kernel and a privilege escalation flaw in the USB sub-component of Kernel. The vulnerabilities were addressed in Google’s monthly security bulletin for April 2025.
According to Google, the most critical security issue among the patched vulnerabilities is a flaw in the System component that could potentially lead to remote escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation. The company has also confirmed that the vulnerabilities may have been subject to limited, targeted exploitation.
Of particular interest is CVE-2024-53197, which is linked to the Linux kernel and was previously patched along with two other vulnerabilities in 2024. These vulnerabilities were reportedly exploited together to gain unauthorized access to a Serbian youth activist’s Android phone in December 2024. Google addressed one of the vulnerabilities in February 2025 and the other last month, effectively eliminating the exploit path.
While there is limited information available on how CVE-2024-53150 has been exploited in real-world attacks, users of Android devices are advised to apply the updates as soon as they are released by Android original equipment manufacturers (OEMs). It is crucial for users to stay vigilant and proactive in securing their devices against potential threats.
The continuous efforts by Google to identify and patch vulnerabilities reflect the ongoing challenges and risks associated with digital security. As technology evolves, it is essential for both companies and users to prioritize cybersecurity measures to safeguard sensitive information and prevent malicious activities. By promptly addressing and remedying vulnerabilities, Google demonstrates its commitment to enhancing the overall security of its products and services.