Google addresses Android security flaw potentially used by law enforcement

au.pcmag.com February 4, 2025, 10:00 PM UTC

Google has fixed a security vulnerability in Android, identified as CVE-2024-53104, which may have been exploited by law enforcement to access smartphones. The flaw involves a programming error in the Linux kernel's USB Video Class driver. The patch is included in the upcoming "2025-02-05" security update for Android. Google indicated that the vulnerability could allow physical escalation of privileges, meaning an attacker would need direct access to the device. GrapheneOS, a privacy-focused Android developer, noted that its system is already protected against such attacks. However, it warned that standard Android may still be at risk due to the Linux kernel's structure and coding practices.


With a significance score of 4, this news ranks in the top 8% of today's 18483 analyzed articles.

Get summaries of news with significance over 5.5 (usually ~10 stories per week). Read by 8000 minimalists.