Final on Nostr: Android Security Bulletin for April 2025 has 2 more vulnerabilities marked as being ...
Android Security Bulletin for April 2025 has 2 more vulnerabilities marked as being exploited in the wild. We've fully blocked exploiting both vulnerabilities for locked devices for years, before 2024. Our defenses against these attack vectors have been greatly improved since 2024.
#GrapheneOS fully prevented exploiting both vulnerabilities for locked devices, made both far harder to exploit while unlocked and already had both patched for a while too.
CVE-2024-53150: heap overflow (read) in a Linux kernel USB sound card driver
CVE-2024-53197: heap overflow (write) in a Linux kernel USB sound card driver
These vulnerabilities were being exploited by Cellebrite for data extraction from locked Android devices without GrapheneOS.
We have a post from late February about CVE-2024-53197 and 2 other bugs exploited by Cellebrite which they were blocked from exploiting by GrapheneOS:
https://discuss.grapheneos.org/d/20402-cellebrite-exploits-used-to-target-serbian-student-activist
CVE-2024-53150 is almost certainly part of the same batch of vulnerabilities they've been exploiting.
https://discuss.grapheneos.org/d/20401-grapheneos-improvements-to-protection-against-data-extraction-since-2024 covers how we've greatly improved the GrapheneOS defenses against these attacks since early 2024. We're continuing to work on improving it.
We helped get firmware security improvements to Pixels and are advocating for further hardware/firmware changes.
Published at 2025-04-07 21:11:35