CVE-2025-22406 — Use After Free

Vendor	Product	Version range	Fixed in
google	android	—	—
google	android	—	—
google	android	—	—
platform	packages_modules_bluetooth	>= 15-next:0 < 15-next:2025-03-01	15-next:2025-03-01
platform	packages_modules_bluetooth	>= 15:0 < 15:2025-03-01	15:2025-03-01

Android

CVE-2025-22406: Android Security Bulletin 2025-03-01 CVE: CVE-2025-22406 Severity: HIGH Type: EoP Affected AOSP versions: 15 References: A-375160214

vendor_android·2025-03-01·CVSS 8.4

CVE-2025-22406 [HIGH] CVE-2025-22406: Android Security Bulletin 2025-03-01 CVE: CVE-2025-22406 Severity: HIGH Type: EoP Affected AOSP versions: 15 References: A-375160214 Android Security Bulletin 2025-03-01 CVE: CVE-2025-22406 Severity: HIGH Type: EoP Affected AOSP versions: 15 References: A-375160214

GHSA

GHSA-xmjx-29fm-9qh3: In bnepu_check_send_packet of bnep_utils

ghsa_unreviewed·2025-08-27

CVE-2025-22406 [HIGH] CWE-416 GHSA-xmjx-29fm-9qh3: In bnepu_check_send_packet of bnep_utils In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

OSV

CVE-2025-22406: In bnepu_check_send_packet of bnep_utils

osv·2025-03-01

CVE-2025-22406 CVE-2025-22406: In bnepu_check_send_packet of bnep_utils In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-22406: In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of…

Affected