Android Security Update Fixes 129 Flaws and Tackles Actively Exploited Zero-Day Flaw
By Divya
March 3, 2026
Google has rolled out the highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem.
This massive update represents one of the highest numbers of patches issued in a single month.
The rollout is structured into two distinct security patch levels, 2026-03-01 and 2026-03-05, giving device manufacturers the flexibility to rapidly deploy fixes for core Android platform flaws before addressing complex hardware-specific components.
The Zero-Day Threat: CVE-2026-21385
The most concerning issue in this month’s bulletin is CVE-2026-21385, a high-severity vulnerability located in Qualcomm’s Display and Graphics component.
Google has explicitly warned that there are indications this flaw may be under limited, targeted exploitation in the wild.
While specific details of the attacks remain undisclosed, this integer overflow vulnerability can cause severe memory corruption.
Zero-day flaws in display components are frequently leveraged by advanced threat actors to compromise system integrity and bypass standard security boundaries.
Beyond the zero-day, the March update resolves several critical-severity vulnerabilities that require immediate attention:
System Component (CVE-2026-0006): This is the most severe vulnerability in the core Android system. It allows for Remote Code Execution (RCE) without requiring any additional execution privileges or user interaction. If left unpatched, attackers could potentially take over a device remotely.
System Component (CVE-2025-48631): A critical Denial-of-Service (DoS) vulnerability that could be triggered remotely, causing devices to crash or become unresponsive.
Kernel Components: Multiple critical Elevation of Privilege (EoP) flaws were patched in the Kernel, including issues in the Flash-Friendly File System, Hypervisor, and Protected Kernel-Based Virtual Machine (pKVM). These flaws allow local attackers to gain complete system-level access.
Highlighted CVE Vulnerabilities
Below is a summary of the most critical and actively exploited vulnerabilities addressed in this update.
Core Android Platform Vulnerabilities (Patch Level 2026-03-01)
| CVE ID | Affected Component | Vulnerability Type | Severity |
|---|---|---|---|
| CVE-2026-0006 | System | Remote Code Execution (RCE) | Critical |
| CVE-2025-48631 | System | Denial of Service (DoS) | Critical |
| CVE-2026-0047 | Framework | Elevation of Privilege (EoP) | Critical |
| CVE-2025-32313 | Framework | Elevation of Privilege (EoP) | High |
| CVE-2025-48544 | Framework | Elevation of Privilege (EoP) | High |
| CVE-2026-0010 | Framework | Elevation of Privilege (EoP) | High |
| CVE-2025-48630 | Framework | Information Disclosure (ID) | High |
| CVE-2026-0012 | Framework | Information Disclosure (ID) | High |
| CVE-2025-48644 | Framework | Denial of Service (DoS) | High |
| CVE-2026-0014 | Framework | Denial of Service (DoS) | High |
| CVE-2025-48602 | System | Elevation of Privilege (EoP) | High |
| CVE-2026-0021 | System | Elevation of Privilege (EoP) | High |
| CVE-2024-43766 | System | Information Disclosure (ID) | High |
| CVE-2025-48585 | System | Denial of Service (DoS) | High |
| CVE-2025-48609 | System | Denial of Service (DoS) | High |
Kernel and Virtualization Flaws (Patch Level 2026-03-05)
| CVE ID | Subcomponent | Vulnerability Type | Severity |
|---|---|---|---|
| CVE-2024-43859 | Flash-Friendly File System | Elevation of Privilege (EoP) | Critical |
| CVE-2026-0037 | Protected Kernel-Based Virtual Machine (pKVM) | Elevation of Privilege (EoP) | Critical |
| CVE-2026-0038 | Hypervisor | Elevation of Privilege (EoP) | Critical |
| CVE-2026-0027 | Protected Kernel-Based Virtual Machine (pKVM) | Elevation of Privilege (EoP) | Critical |
| CVE-2026-0028 | pKVM | Elevation of Privilege (EoP) | Critical |
| CVE-2026-0030 | pKVM | Elevation of Privilege (EoP) | Critical |
| CVE-2026-0031 | pKVM | Elevation of Privilege (EoP) | Critical |
| CVE-2025-38616 | Transport Layer Security (TLS) | Elevation of Privilege (EoP) | High |
| CVE-2025-38618 | vsock | Elevation of Privilege (EoP) | High |
| CVE-2025-40266 | pKVM | Elevation of Privilege (EoP) | High |
Third-Party Vendor & Hardware Components (Patch Level 2026-03-05)
| CVE ID | Hardware Vendor | Subcomponent | Severity |
|---|---|---|---|
| CVE-2026-21385 | Qualcomm | Display (Actively Exploited) | High |
| CVE-2025-47394 | Qualcomm | Kernel | High |
| CVE-2025-47339 | Qualcomm | Closed-source component | High |
| CVE-2025-2879 | Arm | Mali GPU | High |
| CVE-2025-10865 | Imagination Technologies | PowerVR-GPU | High |
| CVE-2025-58407 | Imagination Technologies | PowerVR-GPU | High |
| CVE-2026-20425 | MediaTek | Display | High |
| CVE-2026-20434 | MediaTek | Modem | High |
| CVE-2025-20760 | MediaTek | Modem | High |
| CVE-2025-61612 | Unisoc | Modem | High |
| CVE-2025-69279 | Unisoc | Modem | High |
| CVE-2025-48613 | Misc OEM | VBMeta | High |
Mitigation and Remediation
To protect against these threats, users and enterprise administrators are strongly advised to update their devices to the latest Android version as soon as the patch becomes available from their respective original equipment manufacturers.
Check Patch Levels: Security patch levels of 2026-03-05 or later fully address all vulnerabilities detailed in this bulletin.
Google Play Protect: Google Play Protect remains an active defense layer, enabled by default on devices with Google Mobile Services. It continuously monitors and warns users about potentially harmful applications that might attempt to exploit these newly disclosed flaws.
Google will publish the corresponding source code patches to the Android Open Source Project (AOSP) repository within 48 hours, ensuring long-term platform stability for the wider ecosystem.
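Because the bulletin is split into two patch levels, a device reporting 2026-03-01 is not guaranteed to carry the 2026-03-05 kernel and vendor fixes, including the one for the exploited CVE-2026-21385. The script below is an added example, not part of the original article or of Google's tooling, that classifies reported patch levels against both thresholds. The function names and the inventory are constructed for illustration; `ro.build.version.security_patch` is the Android system property that holds the platform patch level.

```shell
#!/bin/sh
# Added example (not from the article): audit Android patch levels against the
# two March 2026 levels. Function names and the inventory are constructed.

PLATFORM_LEVEL=20260301   # 2026-03-01: Framework and System fixes
FULL_LEVEL=20260305       # 2026-03-05: adds kernel, pKVM and vendor fixes

# classify_patch_level YYYY-MM-DD -> FULL | PLATFORM_ONLY | MISSING | INVALID
classify_patch_level() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo INVALID; return 0 ;;
    esac
    n=$(printf '%s' "$1" | tr -d '-')   # ISO date -> comparable integer
    if [ "$n" -ge "$FULL_LEVEL" ]; then
        echo FULL
    elif [ "$n" -ge "$PLATFORM_LEVEL" ]; then
        echo PLATFORM_ONLY
    else
        echo MISSING
    fi
}

# device_patch_level SERIAL -> patch level reported by a connected device
device_patch_level() {
    adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r'
}

# audit_inventory: reads "name level" lines on stdin, prints one finding each
audit_inventory() {
    while read -r device level; do
        [ -n "$device" ] || continue
        case "$(classify_patch_level "$level")" in
            FULL)          echo "$device OK: all March 2026 fixes present" ;;
            PLATFORM_ONLY) echo "$device PARTIAL: 2026-03-05 fixes not guaranteed (incl. CVE-2026-21385)" ;;
            MISSING)       echo "$device EXPOSED: predates 2026-03-01" ;;
            *)             echo "$device UNKNOWN: unparseable level '$level'" ;;
        esac
    done
}

# Constructed inventory; for a live device use: device_patch_level "$serial"
audit_inventory <<'EOF'
tablet-kiosk-07 2026-03-01
handset-field-12 2026-02-05
pixel-lab-01 2026-03-05
scanner-wh-03 unknown
EOF
```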
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.