The zero-day’s ID is CVE-2024-53104; it relates to privilege escalation in the USB Video Class driver of the Android kernel and enables authenticated local attackers to escalate their privileges.
The vulnerability originates from incorrect parsing of UVC_VS_UNDEFINED type frames in the uvc_parse_format function. As a result, the frames buffer size was calculated incorrectly resulting in out-of-bounds writes, which could be used to execute arbitrary code or deliver denial of service (DoS) attacks.
In addition to the above-mentioned zero-day vulnerability, the February set of patches fixes a critical vulnerability in Qualcomm’s WLAN component. Qualcomm describes this bug (CVE-2024-45569) as follows: memory corruption while parsing the ML IE due to invalid frame content.
CVE-2024-45569 can be used by remote attackers to execute arbitrary code or commands, read or modify memory, or cause crashes. Importantly, these attacks don’t require privileges or user interaction.
In February 2025, Google released two sets of patches: 2025-02-01 and 2025-02-05. The latter one includes all the fixes from the first set, as well as additional fixes for third-party closed-source modules and kernel elements that apply not to all Android devices.
2025.04.29 — FBI Offers 10 million USD for information on Salt Typhoon members
The FBI offers up to 10 million USD for information about members of the Chinese hacker group Salt Typhoon and last year's attack that had…
Full article →
2025.01.27 — YouTube plays hour-long ads to users with ad blockers
Users complain that YouTube plays very long unskippable ads. Sometimes such ads are longer than the video the person is watching. The issue was raised…
Full article →
2025.03.20 — 8,000 vulnerabilities identified in WordPress ecosystem in 2024
According to Patchstack, world's #1 WordPress vulnerability intelligence provider, 7,966 new vulnerabilities were identified in the WordPress ecosystem in 2024; most of these bugs affected plugins…
Full article →
2025.02.18 — Chrome Enhanced Protection mode is now powered by AI
The Enhanced Protection mode in Google Chrome has been updated. Now it uses AI to protect users from dangerous sites, downloads, and extensions in real time.…
Full article →
2025.03.18 — Black Basta ransomware group developed its own automated brute-forcing framework
According to EclecticIQ, Black Basta Ransomware-as-a-Service (RaaS) group has developed its own automated brute-forcing framework dubbed BRUTED. It's used to hack edge network devices…
Full article →
2025.04.10 — April updates released by Microsoft cause issues with Windows Hello
Microsoft warns that some Windows users who have installed the April updates might be unable to login to their Windows services using Windows Hello facial recognition…
Full article →
2025.01.25 — 18,000 script kiddies have been infected with backdoor via XWorm RAT builder
According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies' systems become infected with a backdoor that steals data and subsequently…
Full article →
2025.02.28 — Qualcomm extends support for Android devices to 8 years
Qualcomm Technologies announced its collaboration with Google with the purpose to provide extended support for OEM devices running on company's flagship chipsets. This partnership will…
Full article →
2025.03.10 — Nearly a million Windows computers impacted by a malvertising campaign
According to Microsoft, nearly 1 million Windows devices fell victim to a sophisticated malvertising campaign in recent months. Cybercriminals were able to steal credentials, cryptocurrency, and sensitive…
Full article →
2025.02.25 — More than 100,000 users downloaded SpyLend malware from Google Play Store
According to Cyfirma, a malicious Android app called SpyLend was available on the official Google Play Store for some time and has been downloaded from there…
Full article →