CVE-2025-22421
published 2025-09-02CVE-2025-22421: In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | frameworks_base | >= 13:0 < 13:2025-04-01 | 13:2025-04-01 |
| platform | frameworks_base | >= 14:0 < 14:2025-04-01 | 14:2025-04-01 |
| platform | frameworks_base | >= 15-next:0 < 15-next:2025-04-01 | 15-next:2025-04-01 |
| platform | frameworks_base | >= 15:0 < 15:2025-04-01 | 15:2025-04-01 |
Android
CVE-2025-22421: Android Security Bulletin 2025-04-01
CVE: CVE-2025-22421
Severity: HIGH
Type: ID
Affected AOSP versions: 13, 14, 15
References: A-338024220
vendor_android·2025-04-01·CVSS 5.5
CVE-2025-22421 [MEDIUM] CVE-2025-22421: Android Security Bulletin 2025-04-01
CVE: CVE-2025-22421
Severity: HIGH
Type: ID
Affected AOSP versions: 13, 14, 15
References: A-338024220
Android Security Bulletin 2025-04-01
CVE: CVE-2025-22421
Severity: HIGH
Type: ID
Affected AOSP versions: 13, 14, 15
References: A-338024220
GHSA
GHSA-3r9j-wg6p-3336: In contentDescForNotification of NotificationContentDescription
ghsa_unreviewed·2025-09-03
CVE-2025-22421 GHSA-3r9j-wg6p-3336: In contentDescForNotification of NotificationContentDescription
In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2025-22421: In contentDescForNotification of NotificationContentDescription
osv·2025-04-01
CVE-2025-22421 CVE-2025-22421: In contentDescForNotification of NotificationContentDescription
In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-02
Published