
Google has released its June 2025 Android Security Bulletin, patching multiple high-severity vulnerabilities, including three critical Qualcomm zero-days that were confirmed to be under active, targeted exploitation.
According to Qualcomm’s security bulletin, the actively exploited vulnerabilities, CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038, affect Adreno GPU drivers. These flaws allow unauthorized command execution or memory corruption through specific sequences of GPU commands and could be used by local attackers to escalate privileges or compromise device integrity.
The vulnerabilities, reported by Google’s Android Security team and Threat Analysis Group (TAG), were patched and provided to device manufacturers (OEMs) in May, with Qualcomm issuing strong recommendations for urgent deployment across affected Snapdragon, FastConnect, and other chipsets.
Google’s Android Security Bulletin for the June 2025 update lists fixes for Qualcomm components under both open and closed-source disclosures. These include the critical GPU-related zero-days as well as other high-severity issues across the kernel, DSP services, WLAN, Bluetooth, and networking stacks.
While the bulletin does not provide exploitation details, such zero-days can be used for spyware delivery, device rooting, or compromising sensitive app data, so applying the available update as soon as possible is critical.
Google’s June 2025 security patches cover devices running Android 10 and above, with security patch level 2025-06-05 or later. However, the rollout depends on device manufacturers and carriers pushing updates to end users.
The affected chipsets cover a vast swath of Qualcomm’s portfolio, from the Snapdragon 8 Gen 2 and Gen 3 flagship SoCs to midrange and budget platforms like the Snapdragon 695, 778G, and 4 Gen 1/2. Wearables, automotive modules, and network infrastructure components relying on FastConnect, QCA, QCS, and other Qualcomm hardware are also impacted.
Notably, CVE-2025-21479 and CVE-2025-21480 involve incorrect authorization in GPU micronodes, leading to memory corruption; CVE-2025-27038 involves a use-after-free issue in Adreno GPU drivers when rendering graphics in Chrome.
Google advises all users to apply the latest updates as soon as they are made available on their security center. Devices that support Project Mainline may receive some component updates directly via Google Play system updates, but OEM-delivered patches remain essential for full device security.
To check your device’s security patch level, go to Settings > About phone > Android version. Look for a patch level of 2025-06-05 or later. To apply the update, head to Settings > Security & privacy > System & updates > Security update.
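The same patch-level check applied to a small device inventory, as an added example that is not part of the original article. The serials and patch levels are constructed sample data. A device reporting 2025-06-01 is classified as outdated because the article names 2025-06-05 as the required level, and unreadable values are reported as unknown rather than assumed patched.

```sh
#!/bin/sh
# Added example: classify reported Android security patch levels against the
# 2025-06-05 level named in the article. All inventory data is constructed.

REQUIRED_LEVEL="2025-06-05"

# Strip hyphens so a YYYY-MM-DD level can be compared as an integer.
level_to_num() {
    printf '%s' "$1" | tr -d '-'
}

# classify_patch_level LEVEL -> prints PATCHED, OUTDATED or UNKNOWN
classify_patch_level() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[01][0-9]-[0-3][0-9]) ;;
        *)  # empty value, adb error text, unauthorized device, ...
            echo "UNKNOWN"; return 0 ;;
    esac
    if [ "$(level_to_num "$1")" -lt "$(level_to_num "$REQUIRED_LEVEL")" ]; then
        echo "OUTDATED"
    else
        echo "PATCHED"
    fi
}

# Reads "SERIAL LEVEL" lines on stdin, prints SERIAL<TAB>LEVEL<TAB>STATUS.
audit_inventory() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        printf '%s\t%s\t%s\n' "$serial" "${level:-none}" \
            "$(classify_patch_level "$level")"
    done
}

# Constructed sample. A live inventory line can be produced per device with:
#   adb -s SERIAL shell getprop ro.build.version.security_patch
SAMPLE_INVENTORY='SAMPLE0001 2025-06-05
SAMPLE0002 2025-06-01
SAMPLE0003 2025-08-05
SAMPLE0004 2024-11-01
SAMPLE0005'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
```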
As more technical details emerge, security researchers and attackers alike will analyze the patched vulnerabilities, increasing the pressure on device makers to push updates swiftly.
If your device is no longer supported, it is recommended to install a third-party Android distribution that might still port critical fixes to older models.