CVE-2025-22412 — Use After Free

Vendor	Product	Version range	Fixed in
google	android	—	—
google	android	—	—
google	android	—	—
platform	packages_modules_bluetooth	>= 15-next:0 < 15-next:2025-03-01	15-next:2025-03-01
platform	packages_modules_bluetooth	>= 15:0 < 15:2025-03-01	15:2025-03-01

GHSA

GHSA-r9j2-mqr5-q4v7: In multiple functions of sdp_server

ghsa_unreviewed·2025-08-27

CVE-2025-22412 [HIGH] CWE-416 GHSA-r9j2-mqr5-q4v7: In multiple functions of sdp_server In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

OSV

CVE-2025-22412: In multiple functions of sdp_server

osv·2025-03-01

CVE-2025-22412 CVE-2025-22412: In multiple functions of sdp_server In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Android

CVE-2025-22412: Android Security Bulletin 2025-03-01 CVE: CVE-2025-22412 Severity: CRITICAL Type: RCE Affected AOSP versions: 15 References: A-375404242

vendor_android·2025-03-01·CVSS 8.8

CVE-2025-22412 [HIGH] CVE-2025-22412: Android Security Bulletin 2025-03-01 CVE: CVE-2025-22412 Severity: CRITICAL Type: RCE Affected AOSP versions: 15 References: A-375404242 Android Security Bulletin 2025-03-01 CVE: CVE-2025-22412 Severity: CRITICAL Type: RCE Affected AOSP versions: 15 References: A-375404242

CVE-2025-22412: In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code…

Affected