Google has released patches for 62 security vulnerabilities, including two high-severity flaws in its Linux kernel. The company warned that the vulnerabilities could be exploited remotely with no additional execution privileges needed.
CVE-2024-53150 and CVE-2024-53197 are two of the most critical issues, both related to the USB sub-component of Kernel. While CVE-2024-53197 was patched last year, it was recently updated alongside other vulnerabilities.
The most severe issue involves a critical security vulnerability in Google’s System component that could lead to remote escalation of privilege with no user interaction required.
Google acknowledged limited, targeted exploitation for both flaws but did not disclose details on how CVE-2024-53150 has been exploited in real-world attacks. Users are advised to apply updates as released by Android original equipment manufacturers (OEMs).
Source: https://thehackernews.com/2025/04/google-releases-android-update-to-patch.html