**Google Android zero-day**: [Android Security Bulletin February 2025](https://source.android.com/docs/security/bulletin/2025-02-01 )
46 CVEs (1 critical, 45 high severity)
[CVE-2024-53104](https://cve.org/CVERecord?id=CVE-2024-53104 ) (7.8 high) media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (EoP in Kernel) cc: nostr:npub17wvr8uywpuzew2lqvprnt4g7cuq0kyvdf8gz57dlv3rsjvfcer3qqgnag2
> Note: There are indications that CVE-2024-53104 may be under limited, targeted exploitation.
#CVE_2024_53104 #android #google #vulnerability #zeroday #eitw #activeexploitation #infosec #cybersecurity
nostr:nprofile1qqs9g69ua6m5ec6ukstnmnyewj7a4j0gjjn5hu75f7w23d64gczunmgpz4mhxue69uhhyetvv9ujumt0wd68ytnsw43q4gnztg nostr:nprofile1qqstnr0dfn4w5grepk7t8sc5qp5jqzwnf3lejf7zs6p44xdhfqd9cgspzpmhxue69uhkummnw3ezumt0d5hszrnhwden5te0dehhxtnvdakz7qgawaehxw309ahx7um5wghxy6t5vdhkjmn9wgh8xmmrd9skctcnv0md0
🤔 A concern for GOS?
(removed previous post since got more info)
We had this patched early, appears likely around mid-December. We also have features like USB-C port control that makes exploiting the kernel USB drivers harder, that feature was actually meant for it.
We posted a thread earlier elsewhere about it, I just cross posted to Nostr now.
Thanks for your reply!
Sorry actually for tagging you; I realised too late that these issues are addressed by the usual updates (so potentially stressing you guys out via tagging seemed unnecessary to me posthoc), I didn't look properly.
Thanks a lot for your thread!
Android security patch backports are available but not the AOSP / Stock Pixel OS update for this yet. Potentially the other Android releases are still vulnerable until the update arrives. Usual Android updates on their own don't fix this until the monthly patches come. In this case we were 1-2 months ahead.
https://grapheneos.org/features#more-complete-patching
We released a new update with the early backports (2025020300) as well.
Thank you!🤗
I am still quite confused by all the different kinds of updates wrt Android.😕 Like I don't really know which kinds of updates there are and what they each focus on. A nice table explaining this would be great haha.
