Android Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Mobile & Apps

Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and elevation of privilege on the targeted system.
Note:
CVE-2024-53104 is being exploited in the wild. Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege. Since the exploitation requires physical connection to malicious hardware, the risk level remains Medium.
[Updated on 2025-02-06]
Updated Description, Source and Related Links
Impact
- Elevation of Privilege
- Denial of Service
- Information Disclosure
System / Technologies affected
- Android security patch level prior to 2025-02-01
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://source.android.com/docs/security/bulletin/2025-02-01
Vulnerability Identifier
- CVE-2023-40122
- CVE-2023-40133
- CVE-2023-40134
- CVE-2023-40135
- CVE-2023-40136
- CVE-2023-40137
- CVE-2023-40138
- CVE-2023-40139
- CVE-2024-0037
- CVE-2024-49721
- CVE-2024-49723
- CVE-2024-49729
- CVE-2024-49741
- CVE-2024-49743
- CVE-2024-49746
- CVE-2024-53104
- CVE-2025-0088
- CVE-2025-0091
- CVE-2025-0094
- CVE-2025-0095
- CVE-2025-0096
- CVE-2025-0097
- CVE-2025-0098
- CVE-2025-0099
- CVE-2025-0100
Source
Related Link
Share with