Full Report
Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks. [...]
Analysis Summary
# Vulnerability: Android Kernel Information Disclosure Zero-Day
## CVE Details
- CVE ID: CVE-2024-53150
- CVSS Score: Not explicitly provided, but context suggests high severity due to zero-day, in-the-wild exploitation.
- CWE: Out-of-bounds Read (Implied by technical detail)
## Affected Systems
- Products: Android Kernel (devices running kernel versions that predate the fix)
- Versions: Devices not updated with the April 2025 security patches.
- Configurations: Exploitable by a local attacker.
## Vulnerability Description
CVE-2024-53150 is an Android Kernel information disclosure vulnerability stemming from an out-of-bounds read weakness. This flaw could allow a local attacker to read sensitive system information on vulnerable devices without requiring any user interaction.
## Exploitation
- Status: Exploited in the wild (as a zero-day confirmed by Google).
- Complexity: Low (Requires local access, but exploitation is automated).
- Attack Vector: Local
## Impact
- Confidentiality: High (Enables access to sensitive information)
- Integrity: Low (Primarily disclosure, not direct modification)
- Availability: Low
## Remediation
### Patches
Google released fixes via two Android Security Patch Levels (SPLs):
* **2025-04-01** SPL (Provides initial fixes)
* **2025-04-05** SPL (Includes all fixes, plus third-party/kernel component patches)
These fixes were shared with OEM partners on January 18th. Users should apply vendor updates incorporating these SPLs. Google Pixel devices typically receive these immediately.
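The two SPLs above can be checked across a device inventory with a short script. This is an added example, not code from Google or the original report: the function names and the sample inventory are constructed, and `ro.build.version.security_patch` is the standard Android system property holding the SPL string. It treats 2025-04-05 as the target level because that SPL includes all fixes plus the kernel component patches.

```shell
#!/bin/sh
# Classify an Android security patch level (SPL) string against the two
# April 2025 SPLs named in this report.
# On a device attached over adb, the SPL string can be read with:
#   adb shell getprop ro.build.version.security_patch

SPL_PARTIAL="2025-04-01"   # initial fixes
SPL_FULL="2025-04-05"      # all fixes, plus third-party/kernel component patches

# classify_spl SPL -> prints one of: full | partial | unpatched | invalid
classify_spl() {
    # adb output often carries a trailing CR; strip all whitespace.
    spl=$(printf '%s' "$1" | tr -d '[:space:]')
    # Accept only YYYY-MM-DD; anything else (empty, "unknown") is invalid.
    case "$spl" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;
    esac
    # Drop the dashes so the dates compare as integers (YYYYMMDD).
    n=$(printf '%s' "$spl" | tr -d '-')
    full=$(printf '%s' "$SPL_FULL" | tr -d '-')
    partial=$(printf '%s' "$SPL_PARTIAL" | tr -d '-')
    if [ "$n" -ge "$full" ]; then echo full
    elif [ "$n" -ge "$partial" ]; then echo partial
    else echo unpatched
    fi
}

# audit_inventory: reads "device_id spl" lines on stdin and prints every
# device that is not at the full SPL as "device_id status spl".
audit_inventory() {
    while read -r dev spl; do
        [ -n "$dev" ] || continue
        status=$(classify_spl "$spl")
        [ "$status" = full ] || printf '%s %s %s\n' "$dev" "$status" "${spl:-none}"
    done
}

# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY='dev-a 2025-04-05
dev-b 2025-04-01
dev-c 2025-03-05
dev-d unknown
dev-e 2025-05-01'
```

Run it as `printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory`; devices reported as `partial` have the initial fixes but not the kernel component patches.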
### Workarounds
No specific workarounds were detailed in the provided context, as the flaw was patched rapidly upon confirmation of exploitation.
## Detection
- **Indicators of Compromise:** Not specified in the text, but generally involves monitoring for unusual kernel activity or a suspicious local process execution chain that might lead to access to restricted memory areas.
- **Detection methods and tools:** Unknown / Requires custom kernel instrumentation or post-exploitation forensic analysis specific to the exploitation method used.
## References
- Vendor advisory: Google Partner Advisory on January 18 (Implied)
- Relevant links:
  * hxxps://source.android.com/docs/security/bulletin/2025-04-01#2025-04-01-security-patch-level-vulnerability-details
  * hxxps://source.android.com/docs/security/bulletin/2025-04-01#2025-04-05-security-patch-level-vulnerability-details
  * hxxps://android.googlesource.com/kernel/common/+/f9aca4186aa3e257d966fd5b2e5a4557394358e7