cbcvebase.
CVE-2025-0081
published 2025-08-26

CVE-2025-0081: In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected

17 ranges
VendorProductVersion rangeFixed in
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
googleandroid
platformexternal_dng_sdk>= 12:0 < 12:2025-03-0112:2025-03-01
platformexternal_dng_sdk>= 12L:0 < 12L:2025-03-0112L:2025-03-01
platformexternal_dng_sdk>= 13:0 < 13:2025-03-0113:2025-03-01
platformexternal_dng_sdk>= 14:0 < 14:2025-03-0114:2025-03-01
platformexternal_dng_sdk>= 15-next:0 < 15-next:2025-03-0115-next:2025-03-01
platformexternal_dng_sdk>= 15:0 < 15:2025-03-0115:2025-03-01