Particle.news

Google Issues September Android Patch Fixing Two Actively Exploited 0‑Days

Google is delivering fixes through two patch levels, with some components pushed via Play Mainline to reach devices beyond OEM firmware updates.

Overview

  • Google’s September security release documents more than 100 vulnerabilities across Android components, split into patch levels 2025-09-01 and 2025-09-05.
  • One exploited 0‑day (CVE-2025-48543) is an elevation‑of‑privilege flaw in the Android Runtime (ART), and another (CVE-2025-38352) affects the kernel’s POSIX CPU timers.
  • Nine fixes, including the ART 0‑day, will be distributed via Google Play Mainline to bolster protection on devices that lack prompt OEM updates.
  • The hardware-focused patch level includes dozens of vendor patches from Qualcomm, Arm, MediaTek and Imagination, with Qualcomm detailing affected chipsets in its own bulletin.
  • Samsung has begun shipping its September Security Maintenance Release that bundles Google’s patches with about 25 Samsung-specific fixes, while detailed Pixel notes are still pending and broader OEM rollouts will follow.