Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws
actively exploited in targeted attacks.
The two high-severity vulnerabilities are tracked as CVE-2025-48633 and CVE-2025-48572. They are information disclosure
and elevation-of-privilege issues, respectively, affecting Android versions 13 through 16.
"There are indications that the following may be under limited, targeted exploitation," mentions the December Android
While Google has not shared any technical or exploitation details about the flaws, similar flaws in the past were used
for targeted exploitation by commercial spyware or nation-state operations targeting a small number of high-interest
Ranked by severity, the most critical vulnerability fixed this month is CVE-2025-48631, a denial-of-service (DoS) flaw
in the Android Framework.
This month's updates address a total of 51 flaws in the Android Framework and System components, covered by the 2025-12-01
Patch Level, and another 56 bugs in the Kernel and third-party closed-source components, covered by the 2025-12-05 Patch
Among the latter are four critical-severity fixes for elevation-of-privilege flaws in the Kernel's
pKVM and IOMMU subcomponents, and two critical fixes for Qualcomm-powered devices (CVE-2025-47319 and CVE-2025-47372).
More information about closed-source fixes can be found in Qualcomm's and MediaTek's bulletins for the December 2025
Additionally, Samsung published its security bulletin, including ported fixes from the Google update and vendor-specific
It is important to note that the updates cover devices running Android 13 and later, but devices on Android 10 and later
may receive some crucial fixes via Google Play system updates.
Also, Play Protect can detect and block documented malware and attack chains, so users of any Android version should
keep the component up to date and active.
Those on older Android versions should either move to a third-party distribution that regularly incorporates Google's
security fixes or switch to a newer device model for active support.
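
To check a device fleet against the two patch levels and the Android version coverage described above, the following added example (not part of the original article or of Google's tooling) classifies devices from their `getprop` output. It assumes the standard `ro.build.version.release` and `ro.build.version.security_patch` properties; the device names, sample values and status labels are constructed for illustration.

```python
from datetime import date

# Patch levels and Android version floors as stated in the article.
FRAMEWORK_SYSTEM_SPL = date(2025, 12, 1)  # Framework and System fixes
KERNEL_VENDOR_SPL = date(2025, 12, 5)     # Kernel and closed-source fixes
MIN_BULLETIN_RELEASE = 13                 # bulletin updates: Android 13 and later
MIN_PLAY_RELEASE = 10                     # Play system updates: Android 10 and later


def parse_getprop(text):
    """Parse `getprop` output lines of the form `[key]: [value]`."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]") and "]: [" in line:
            key, value = line[1:-1].split("]: [", 1)
            props[key] = value
    return props


def classify(props):
    """Map one device's properties to a patch status for this bulletin."""
    try:
        release = int(props["ro.build.version.release"].split(".")[0])
        spl = date.fromisoformat(props["ro.build.version.security_patch"])
    except (KeyError, ValueError):
        return "unknown"  # missing or malformed property: inspect by hand
    if release < MIN_PLAY_RELEASE:
        return "no-updates"
    if release < MIN_BULLETIN_RELEASE:
        return "play-system-updates-only"
    if spl >= KERNEL_VENDOR_SPL:
        return "both-patch-levels"
    if spl >= FRAMEWORK_SYSTEM_SPL:
        return "framework-system-only"
    return "missing-december-2025"


def triage(inventory):
    """Classify every device in a {name: getprop dump} mapping."""
    return {name: classify(parse_getprop(dump)) for name, dump in inventory.items()}


# Constructed sample inventory (hypothetical device names and values).
INVENTORY = {
    "phone-a": "[ro.build.version.release]: [16]\n[ro.build.version.security_patch]: [2025-12-05]",
    "phone-b": "[ro.build.version.release]: [14]\n[ro.build.version.security_patch]: [2025-12-01]",
    "phone-c": "[ro.build.version.release]: [13]\n[ro.build.version.security_patch]: [2025-11-05]",
    "phone-d": "[ro.build.version.release]: [11]\n[ro.build.version.security_patch]: [2023-02-01]",
    "phone-e": "[ro.build.version.release]: [15]",
}
```

Devices reported as `framework-system-only` still lack the Kernel and closed-source fixes, and `unknown` means a property was missing or malformed in the dump.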