CVE-2025-36922: Use After Free in Google Android

CWE-416: Use After Free (5 documents, 5 sources)
Severity: 6.7 MEDIUM (NVD)
EPSS: 0.0% (top 99.00%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 11

Description

In bigo_map of bigo_iommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 | Impact: 5.9

Affected Packages (1 package)

CVEListV5: google/android, Android kernel

Vulnerability Details (3)

GHSA: GHSA-9c27-3675-f2r6: In bigo_map of bigo_iommu (2025-12-11)
CVEList: CVE-2025-36922: In bigo_map of bigo_iommu (2025-12-11)
OSV: CVE-2025-36922: In bigo_map of bigo_iommu (2025-12-01)

Vendor Advisories (1)

Microsoft: wifi: iwlwifi: read txq->read_ptr under lock (2024-05-14)