
Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting Android OS components, third-party chipsets, and the popular FreeType library.
The most urgent threat is CVE-2025-27363, a high-severity remote code execution (RCE) vulnerability in the System component. According to the bulletin, it can be exploited locally without requiring user interaction or additional privileges. Google notes that there are “indications that CVE-2025-27363 may be under limited, targeted exploitation.”
This vulnerability stems from the FreeType font rendering library, which has also drawn warnings from Meta and others. The flaw, described as an out-of-bounds write, affects FreeType versions 2.13.0 and below and could allow attackers to execute arbitrary code simply by parsing a specially crafted font file.
“The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution,” Meta explained.
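The conversion defect Meta describes, shown here as an added illustration in C that is not FreeType's code (the header size, function and variable names are hypothetical): a negative signed short converted to unsigned long and then offset by a small constant wraps to a tiny allocation size, placed beside the bounds-checked form a maintainer would want instead.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed illustration of the integer-conversion defect Meta describes.
 * The header size, function and variable names are hypothetical; none of
 * this is FreeType code. */
#define HEADER_BYTES ((unsigned long)8)   /* hypothetical fixed overhead */

/* Vulnerable pattern: a signed short count is stored in an unsigned long
 * and a constant is added. A negative count becomes a huge value, and the
 * addition wraps around to a tiny size, so the heap buffer is undersized. */
unsigned long vulnerable_alloc_size(short n_points)
{
    unsigned long size = n_points;   /* -1 converts to ULONG_MAX */
    size += HEADER_BYTES;            /* ULONG_MAX + 8 wraps to 7 */
    return size;
}

/* Hardened pattern: reject negative counts and check for overflow before
 * computing the size. Returns 0 when the request is invalid. */
size_t safe_alloc_size(short n_points, size_t elem_size)
{
    if (n_points < 0 || elem_size == 0)
        return 0;                                     /* invalid count */
    size_t count = (size_t)n_points;
    if (count > (SIZE_MAX - HEADER_BYTES) / elem_size)
        return 0;                                     /* would overflow */
    return HEADER_BYTES + count * elem_size;
}

/* Allocate with the checked size and write n_points longs after the header.
 * Every write stays inside the allocation; returns the count written or -1. */
long fill_points(short n_points)
{
    size_t size = safe_alloc_size(n_points, sizeof(long));
    if (size == 0)
        return -1;
    unsigned char *buf = malloc(size);
    if (buf == NULL)
        return -1;
    long *points = (long *)(buf + HEADER_BYTES);
    for (short i = 0; i < n_points; i++)
        points[i] = i;
    free(buf);
    return n_points;
}
```

With a count of -1 the vulnerable computation yields an 8-byte header plus a wrapped size of 7, while the checked version refuses the request outright.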
The bulletin provides details on vulnerabilities organized by component, including Framework and System. The most severe vulnerability in the Framework section could lead to local escalation of privilege without needing additional execution privileges.
Kernel version updates are also addressed in the bulletin, with updates dependent on the Android OS version at the time of device launch. Vulnerabilities affecting Imagination Technologies, Arm, MediaTek, and Qualcomm components are included.
The bulletin also notes vulnerabilities included in Google Play system updates for Project Mainline components. These include vulnerabilities in subcomponents like Documents UI, Permission Controller, and WiFi.
To address these vulnerabilities, Android devices require security patch levels of 2025-05-05 or later. Users can find instructions on how to check and update their device’s security patch level by visiting “Check and update your Android version”.