Google fixes Android zero-day exploited by Serbian authorities

Google has released patches for 43 vulnerabilities in Android's March 2025 security update, including two zero-days exploited in targeted attacks. Serbian authorities have used one of the zero-days, a high-severity information disclosure security vulnerability (CVE-2024-50302) in the Linux kernel's driver for Human Interface Devices, to unlock confiscated devices. The flaw was reportedly exploited as part of an Android zero-day exploit chain developed by Israeli digital forensics company Cellebrite to unlock confiscated devices. The exploit chain—which also includes a USB Video Class zero-day (CVE-2024-53104) patched last month and an ALSA USB-sound driver zero-day)—was found by Amnesty International's Security Lab in mid-2024 while analyzing the logs found on a device unlocked by Serbian authorities. Google told BleepingComputer last week that they shared fixes for these flaws with OEM partners in January. "We were aware of these vulnerabilities and exploitation risk prior to the ... Read full article.