Updates have been issued by Google to resolve a pair of actively exploited high-severity Qualcomm security vulnerabilities and other Android security flaws, The Hacker News reports.
Both of the bugs observed within the Graphics component, tracked as CVE-2025-21479 and CVE-2025-27038, could be leveraged to facilitate memory corruption and have already been added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities list in June alongside another Qualcomm chipset defect, tracked as CVE-2025-21480. Also part of Google's patches for this month are fixes for the high-severity Android Framework vulnerabilities, tracked as CVE-2025-22441 and CVE-2025-48533, as well as the critical System component issue, tracked as CVE-2025-48530. Threat actors could chain CVE-2025-48530 with other vulnerabilities to prompt remote code execution without user interaction or additional privileges. Android users have been urged to immediately apply the patches, which is available in two levels, with the latter having fixes for Qualcomm and Arm components.
Both of the bugs observed within the Graphics component, tracked as CVE-2025-21479 and CVE-2025-27038, could be leveraged to facilitate memory corruption and have already been added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities list in June alongside another Qualcomm chipset defect, tracked as CVE-2025-21480. Also part of Google's patches for this month are fixes for the high-severity Android Framework vulnerabilities, tracked as CVE-2025-22441 and CVE-2025-48533, as well as the critical System component issue, tracked as CVE-2025-48530. Threat actors could chain CVE-2025-48530 with other vulnerabilities to prompt remote code execution without user interaction or additional privileges. Android users have been urged to immediately apply the patches, which is available in two levels, with the latter having fixes for Qualcomm and Arm components.
