CVE-2025-36938 — Protection Mechanism Failure in Google Android

CWE-693 — Protection Mechanism Failure CWE-94 — Code Injection CWE-476 — NULL Pointer Dereference5 documents5 sources

Severity

6.8MEDIUMNVD

EPSS

0.0%

top 94.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Android

Timeline

PublishedDec 11

Description

In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the code. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages1 packages

▶CVEListV5google/androidAndroid kernel

🔴Vulnerability Details

CVEList

CVE-2025-36938: In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the code↗2025-12-11

▶

GHSA

GHSA-xjcr-r5hg-97fc: In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the code↗2025-12-11

▶

OSV

CVE-2025-36938: In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the code↗2025-12-01

▶

📋Vendor Advisories

Microsoft

bpf skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue↗2024-05-14

▶