Google Android vulnerabilities

CVE-2025-20764 [HIGH] CWE-787 CVE-2025-20764: In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029.

CVE-2025-20771 [MEDIUM] CWE-457 CVE-2025-20771: In display, there is a possible escalation of privilege due to improper input validation. This could In display, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4802.

CVE-2025-20776 [MEDIUM] CWE-125 CVE-2025-20776: In display, there is a possible out of bounds read due to a missing bounds check. This could lead to In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759.

CVE-2025-20765 [MEDIUM] CWE-362 CVE-2025-20765: In aee daemon, there is a possible system crash due to a race condition. This could lead to local de In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Issue ID: MSV-4833.

CVE-2025-20773 [MEDIUM] CWE-416 CVE-2025-20773: In display, there is a possible memory corruption due to use after free. This could lead to local es In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4797.

CVE-2025-20777 [MEDIUM] CWE-787 CVE-2025-20777: In display, there is a possible out of bounds write due to a missing bounds check. This could lead t In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.

CVE-2025-20788 [MEDIUM] CWE-1262 CVE-2025-20788: In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lea In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539.

CVE-2025-20769 [MEDIUM] CWE-121 CVE-2025-20769: In display, there is a possible out of bounds write due to a missing bounds check. This could lead t In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.

CVE-2025-20770 [MEDIUM] CWE-416 CVE-2025-20770: In display, there is a possible memory corruption due to use after free. This could lead to local es In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.

CVE-2025-20775 [MEDIUM] CWE-416 CVE-2025-20775: In display, there is a possible memory corruption due to use after free. This could lead to local es In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

CVE-2025-20774 [MEDIUM] CWE-122 CVE-2025-20774: In display, there is a possible out of bounds write due to a missing bounds check. This could lead t In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796.

CVE-2025-20772 [MEDIUM] CWE-416 CVE-2025-20772: In display, there is a possible memory corruption due to use after free. This could lead to local es In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

CVE-2025-20789 [MEDIUM] CWE-201 CVE-2025-20789: In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could le In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538.

CVE-2025-61617 [HIGH] CVE-2025-61617: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61607 [HIGH] CVE-2025-61607: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-11132 [HIGH] CVE-2025-11132: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-3012 [HIGH] CVE-2025-3012: In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to r In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61610 [HIGH] CVE-2025-61610: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-11131 [HIGH] CVE-2025-11131: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

CVE-2025-61609 [HIGH] CVE-2025-61609: In modem, there is a possible system crash due to improper input validation. This could lead to remo In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed