CVE-2025-0088 — Race Condition in Google Android

3 documents3 sources

Severity

7.4HIGH

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Android

Timeline

PublishedFeb 1

Latest updateDec 2

Description

In multiple functions of mremap.c, there is a possible use-after-free scenario in physical memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Packages1 packages

▶googlegoogle/android

🔴Vulnerability Details

OSV

CVE-2025-0088: In multiple functions of mremap↗2025-02-01

▶

💥Exploits & PoCs

Exploit-DB

YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)↗2025-12-02

▶

📋Vendor Advisories

Android

CVE-2025-0088: mremap↗2025-02-01

▶