Alerts
Multiple Vulnerabilities in Android Products
5 February 2025
Google has released security updates addressing multiple vulnerabilities in Android products. Users and administrators of Android products are advised to monitor for new patches and update immediately when available.
Google has released security updates addressing multiple vulnerabilities (CVE-2024-53104 and CVE-2024-45569) in Android products.
The vulnerabilities are:
CVE-2024-53104: This vulnerability affects the Linux kernel's USB Video Class (UVC) driver. Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges and perform arbitrary code execution. The vulnerability is reportedly under limited, targeted exploitation.
CVE-2024-45569: This vulnerability affects Qualcomm's WLAN components. Successful exploitation of this vulnerability could allow a remote attacker to corrupt the memory and perform arbitrary code execution. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.
The vulnerabilities affect all Android devices that use the following products:
CVE-2024-53104: Linux kernel version 2.6.26
CVE-2024-45569: AR8035, CSR8811, FastConnect 6700, FastConnect 6900, FastConnect 7800, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5300, IPQ5302, IPQ5312, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9048, IPQ9554, IPQ9570, IPQ9574, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA0000, QCA4024, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6777AQ, QCA6787AQ, QCA6797AQ, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9888, QCA9889, QCC710, QCF8000, QCF8000SFP, QCF8001, QCM5430, QCM6490, QCM8550, QCN5022, QCN5024, QCN5052, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN6402, QCN6412, QCN6422, QCN6432, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9160, QCN9274, QCS5430, QCS615, QCS6490, QCS8300, QCS8550, QCS9100, QFW7114, QFW7124, Qualcomm Video Collaboration VC3 Platform, QXM8083, SA6155P, SA7255P, SA7775P, SA8155P, SA8195P, SA8255P, SA8295P, SA8530P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SDX55, SDX65M, SM6650, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8750, SM8750P, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X65 5G Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, SRV1H, SRV1L, SRV1M, SXR2230P, SXR2250P, SXR2330P, WCD9340, WCD9370, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN6450, WCN6650, WCN6755, WCN7860, WCN7861, WCN7880, WCN7881, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H
Users and administrators of Android devices that use the affected products are advised to monitor for new patches and update immediately when available.
More information is available here:
https://nvd.nist.gov/vuln/detail/CVE-2024-53104
https://nvd.nist.gov/vuln/detail/CVE-2024-45569
https://source.android.com/docs/security/bulletin/2025-02-01
https://www.securityweek.com/vulnerability-patched-in-android-possibly-exploited-by-forensic-tools/
https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html