SB2025090275 - Multiple vulnerabilities in Google Android
Published: September 2, 2025 Updated: February 6, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 96 secuirty vulnerabilities.
1) Buffer over-read (CVE-ID: CVE-2025-21487)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Data Network Stack & Connectivity. A remote attacker can read and manipulate data.
2) Double Free (CVE-ID: CVE-2025-21432)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in SPS-HLOS. A local application can execute arbitrary code.
3) NULL Pointer Dereference (CVE-ID: CVE-2025-21433)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in SPS-HLOS. A local application can perform a denial of service (DoS) attack.
4) Buffer over-read (CVE-ID: CVE-2025-21446)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
5) Buffer over-read (CVE-ID: CVE-2025-21449)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Embedded SW. A remote attacker can perform a denial of service (DoS) attack.
6) Buffer over-read (CVE-ID: CVE-2025-21454)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Embedded SW. A remote attacker can perform a denial of service (DoS) attack.
7) Out-of-bounds read (CVE-ID: CVE-2025-21464)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation in Core. A local application can gain access to sensitive information.
8) Out-of-bounds read (CVE-ID: CVE-2025-21465)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation in Core. A local application can gain access to sensitive information.
9) Improper input validation (CVE-ID: CVE-2025-21477)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
10) Buffer overflow (CVE-ID: CVE-2025-21481)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in HLOS. A local application can execute arbitrary code.
11) Cryptographic Issues (CVE-ID: CVE-2025-21482)
The vulnerability allows a local application to read and manipulate data.
The vulnerability exists due to improper input validation in Core. A local application can read and manipulate data.
12) Buffer over-read (CVE-ID: CVE-2025-21484)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Data Network Stack & Connectivity. A remote attacker can read and manipulate data.
13) Buffer over-read (CVE-ID: CVE-2025-21488)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Data Network Stack & Connectivity. A remote attacker can read and manipulate data.
14) Improper Validation of Array Index (CVE-ID: CVE-2025-27034)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation in Multi-Mode Call Processor. A remote attacker can execute arbitrary code.
15) Improper Access Control Applied to Mirrored or Aliased Memory Regions (CVE-ID: CVE-2025-27032)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Hypervisor. A local application can execute arbitrary code.
16) Buffer overflow (CVE-ID: CVE-2025-27052)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Core Services. A local application can execute arbitrary code.
17) Buffer over-read (CVE-ID: CVE-2025-27065)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
18) Reachable Assertion (CVE-ID: CVE-2025-27066)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
19) Reachable Assertion (CVE-ID: CVE-2025-27073)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
20) Buffer over-read (CVE-ID: CVE-2025-47317)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in BT Controller. A local application can execute arbitrary code.
21) Buffer over-read (CVE-ID: CVE-2025-47318)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in BT Controller. A remote attacker can perform a denial of service (DoS) attack.
22) Buffer over-read (CVE-ID: CVE-2025-47326)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN HAL. A remote attacker can perform a denial of service (DoS) attack.
23) Buffer over-read (CVE-ID: CVE-2025-47328)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN HAL. A remote attacker can perform a denial of service (DoS) attack.
24) Release of invalid pointer or reference (CVE-ID: CVE-2025-47329)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Android Core. A local application can execute arbitrary code.
25) Buffer over-read (CVE-ID: CVE-2025-21427)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Data HLOS - LNX. A remote attacker can read and manipulate data.
26) Memory corruption (CVE-ID: CVE-2025-21483)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation in Data Network Stack & Connectivity. A remote attacker can execute arbitrary code.
27) NULL pointer dereference (CVE-ID: CVE-2025-21755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __vsock_release() function in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
28) Race condition (CVE-ID: CVE-2025-38352)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the run_posix_cpu_timers() function in kernel/time/posix-cpu-timers.c. A local user can escalate privileges on the system.
Note, the vulnerability is being actively exploited in the wild against Android devices.
29) Race condition (CVE-ID: CVE-2025-021701)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in net/ethtool/netlink.c. A local user can exploit the race and escalate privileges on the system.
30) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-7881)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions. An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location. A local user or process can read privileged data and escalate privileges on the system.
31) Improper Authentication (CVE-ID: CVE-2025-21450)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in GPS_GNSS. A remote attacker can read and manipulate data.
32) Out-of-bounds write (CVE-ID: CVE-2025-20696)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the DA component. A local application can trigger an out-of-bounds write and execute arbitrary code on the target system.
33) Out-of-bounds write (CVE-ID: CVE-2025-20704)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the Modem component. A remote attacker with control over a rogue base station can trigger an out-of-bounds write and execute arbitrary code on the target system.
34) Out-of-bounds write (CVE-ID: CVE-2025-20708)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the Modem component. A remote attacker with control over a rogue base station can send specially crafted packets to the device, trigger an out-of-bounds write and execute arbitrary code on the target system.
35) Out-of-bounds read (CVE-ID: CVE-2025-20703)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the Modem component. A remote attacker with control over a rogue base station can send specially crafted packets to trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
36) Incorrect Calculation of Buffer Size (CVE-ID: CVE-2025-27042)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Video. A local application can execute arbitrary code.
37) Buffer overflow (CVE-ID: CVE-2025-27043)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Video. A local application can execute arbitrary code.
38) Use After Free (CVE-ID: CVE-2025-27056)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in DSP Service. A local application can execute arbitrary code.
39) Buffer over-read (CVE-ID: CVE-2025-27057)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Host. A remote attacker can perform a denial of service (DoS) attack.
40) Out-of-bounds write (CVE-ID: CVE-2025-27061)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Video. A local application can execute arbitrary code.
41) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2025-32332)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper privilege management in Widevine DRM. A local application can escalate privileges on the system.
42) Improper input validation (CVE-ID: CVE-2025-48534)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.
43) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48527)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
44) Improper input validation (CVE-ID: CVE-2025-48547)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
45) Improper input validation (CVE-ID: CVE-2025-48544)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
46) Improper input validation (CVE-ID: CVE-2025-48532)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
47) Improper input validation (CVE-ID: CVE-2025-48531)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
48) Improper input validation (CVE-ID: CVE-2025-48535)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
49) Improper input validation (CVE-ID: CVE-2025-48526)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
50) Improper input validation (CVE-ID: CVE-2025-48523)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
51) Improper input validation (CVE-ID: CVE-2025-32347)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
52) Improper input validation (CVE-ID: CVE-2025-32345)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
53) Improper input validation (CVE-ID: CVE-2025-32346)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
54) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48551)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
55) Improper input validation (CVE-ID: CVE-2025-48541)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
56) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48560)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
57) Improper input validation (CVE-ID: CVE-2025-48524)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.
58) Improper input validation (CVE-ID: CVE-2025-32333)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
59) Improper input validation (CVE-ID: CVE-2025-26464)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
60) Improper input validation (CVE-ID: CVE-2025-26454)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
61) Improper input validation (CVE-ID: CVE-2024-49714)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
62) Improper input validation (CVE-ID: CVE-2025-48539)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
63) Improper input validation (CVE-ID: CVE-2025-48559)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
64) Improper input validation (CVE-ID: CVE-2025-48550)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
65) Improper input validation (CVE-ID: CVE-2025-48542)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
66) Improper input validation (CVE-ID: CVE-2025-32327)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
67) Improper input validation (CVE-ID: CVE-2025-48538)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
68) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48562)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
69) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48545)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
70) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48537)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
71) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48529)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
72) Improper input validation (CVE-ID: CVE-2025-32326)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
73) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-32330)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
74) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-48561)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
75) Improper input validation (CVE-ID: CVE-2025-48554)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
76) Improper input validation (CVE-ID: CVE-2025-32323)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
77) Improper input validation (CVE-ID: CVE-2025-32321)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
78) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-0076)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
79) Improper input validation (CVE-ID: CVE-2025-48552)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
80) Improper input validation (CVE-ID: CVE-2025-48549)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
81) Improper input validation (CVE-ID: CVE-2025-48546)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
82) Improper input validation (CVE-ID: CVE-2025-48540)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
83) Improper input validation (CVE-ID: CVE-2025-48528)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
84) Improper input validation (CVE-ID: CVE-2025-48522)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
85) Improper input validation (CVE-ID: CVE-2025-32350)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
86) Improper input validation (CVE-ID: CVE-2025-32349)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
87) Improper input validation (CVE-ID: CVE-2025-32331)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
88) Improper input validation (CVE-ID: CVE-2025-48543)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Android Runtime ART component. A local application can escalate privileges on the system.
Note, the vulnerability is being exploited in the wild.
89) Improper input validation (CVE-ID: CVE-2025-32325)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
90) Improper input validation (CVE-ID: CVE-2025-32324)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
91) Improper input validation (CVE-ID: CVE-2025-0089)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
92) Improper input validation (CVE-ID: CVE-2025-48563)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
93) Improper input validation (CVE-ID: CVE-2025-48548)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
94) Improper input validation (CVE-ID: CVE-2025-48556)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
95) Improper input validation (CVE-ID: CVE-2025-48558)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
96) Improper input validation (CVE-ID: CVE-2025-48553)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
Remediation
Install update from vendor's website.