Google is patching some Android security vulnerabilities through its new August 2025 update. Two of them cover two Qualcomm flaws.
These security bugs, CVE-2025-21479 and CVE-2025-27038, both cause memory corruption due to the affected Adreno GPU driver. They were first reported in late January 2025, and the Google Threat Analysis Group later stated that they “may be under limited, targeted exploitation.”
In May, the patches for the problematic GPU drivers were introduced to OEMs. A month later, the Cybersecurity and Infrastructure Security Agency of the US recognized the two vulnerabilities as actively exploited issues due to attacks.
Google is now encouraging manufacturers to implement the update, while users are being urged to update their devices as soon as possible. Google Pixels will get the updates first, while other brands are expected to follow. The update includes a fix for a critical security vulnerability, which can allow attackers to obtain remote code execution.
