Google Android vulnerabilities

CVE-2025-48614 [MEDIUM] CWE-862 CVE-2025-48614: In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device wh In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device while in DSU mode due to a missing permission check. This could lead to physical denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48622 [MEDIUM] CWE-125 CVE-2025-48622: In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overf In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48576 [MEDIUM] CWE-400 CVE-2025-48576: In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there is In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48601 [MEDIUM] CWE-20 CVE-2025-48601: In multiple locations, there is a possible permanent denial of service due to improper input validat In multiple locations, there is a possible permanent denial of service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48584 [MEDIUM] CWE-400 CVE-2025-48584: In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per- In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48604 [MEDIUM] CWE-862 CVE-2025-48604: In multiple locations, there is a possible way to read files from another user due to a missing perm In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48603 [MEDIUM] CWE-770 CVE-2025-48603: In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due to r In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48618 [MEDIUM] CWE-667 CVE-2025-48618: In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from t In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48607 [MEDIUM] CVE-2025-48607: In multiple locations, there is a possible way to create a large amount of app ops due to a logic er In multiple locations, there is a possible way to create a large amount of app ops due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48591 [MEDIUM] CWE-862 CVE-2025-48591: In multiple locations, there is a possible way to read files from another user due to a missing perm In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48569 [MEDIUM] CWE-770 CVE-2025-48569: In multiple locations, there is a possible permanent denial of service due to resource exhaustion. T In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48600 [MEDIUM] CWE-862 CVE-2025-48600: In multiple files, there is a possible way to reveal information across users due to a missing permi In multiple files, there is a possible way to reveal information across users due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48598 [MEDIUM] CWE-610 CVE-2025-48598: In multiple locations, there is a possible way to alter the primary user's face unlock settings due In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48631 [MEDIUM] CWE-400 CVE-2025-48631: In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-22432 [MEDIUM] CWE-20 CVE-2025-22432: In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48590 [MEDIUM] CWE-400 CVE-2025-48590: In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to preve In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to prevent dialing emergency services under limited circumstances due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-20767 [HIGH] CWE-787 CVE-2025-20767: In display, there is a possible out of bounds write due to an integer overflow. This could lead to l In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.

CVE-2025-20766 [HIGH] CWE-457 CVE-2025-20766: In display, there is a possible memory corruption due to improper input validation. This could lead In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4820.

CVE-2025-20768 [HIGH] CWE-125 CVE-2025-20768: In display, there is a possible out of bounds read due to a missing bounds check. This could lead to In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805.

CVE-2025-20763 [HIGH] CWE-787 CVE-2025-20763: In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032.