CVE-2025-0096 β€” Heap-based Buffer Overflow in Hardware ST NFC

2 documents2 sources
Severity
β€”N/A
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Platform Hardware ST NFC
Timeline
PublishedFeb 1

Description

In handlePollingLoopData of hal_fwlog.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Packages1 packages

β–ΆAndroidplatform/hardware_st_nfc15-next:0 β€” 15-next:2025-02-01+1

πŸ”΄Vulnerability Details

1
OSV
CVE-2025-0096: In handlePollingLoopData of hal_fwlog↗2025-02-01
β–Ά

πŸ“‹Vendor Advisories

1
Android
CVE-2025-0096: Android Security Bulletin 2025-02-01 CVE: CVE-2025-0096 Severity: HIGH Type: EoP Affected AOSP versions: 15 References: A-356630194β†—2025-02-01
β–Ά
CVE-2025-0096 β€” Heap-based Buffer Overflow | cvebase