Google fixes actively exploited Android flaws in September update
The two flaws that were detected as exploited in zero-day attacks are CVE-2025-38352, an elevation of privilege in the Android kernel, and CVE-2025-48543, also an elevation of privilege problem in the Android Runtime component.
The flaw is a race condition in POSIX CPU timers, allowing task cleanup disruption and kernel destabilization, potentially leading to crashes, denial of service, and privilege escalation.
CVE-2025-48543 impacts the Android Runtime, where Java/Kotlin apps and system services execute. It potentially allows a malicious app to bypass sandbox restrictions and access higher-level system capabilities.
This post is licensed under CC BY 4.0 by the author.