Google Android vulnerabilities

CVE-2025-48536 [HIGH] CWE-441 CVE-2025-48536: In grantAllowlistedPackagePermissions of SettingsSliceProvider.java, there is a possible way for a t In grantAllowlistedPackagePermissions of SettingsSliceProvider.java, there is a possible way for a third party app to modify secure settings due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48586 [HIGH] CWE-441 CVE-2025-48586: In onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from the In onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from the work profile due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48625 [HIGH] CWE-362 CVE-2025-48625: In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB d In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48608 [MEDIUM] CWE-862 CVE-2025-48608: In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a miss In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-22432 [MEDIUM] CWE-20 CVE-2025-22432: In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-32319 [MEDIUM] CWE-862 CVE-2025-32319: In ensureBound of RemotePrintService.java, there is a possible way for a background app to keep fore In ensureBound of RemotePrintService.java, there is a possible way for a background app to keep foreground permissions due to a permissions bypass. This could lead to local escalation of privilege with user execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48633 [MEDIUM] CVE-2025-48633: In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a Device In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a Device Owner after provisioning due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48610 [MEDIUM] CVE-2025-48610: In __pkvm_guest_relinquish_to_host of mem_protect.c, there is a possible configuration data leak due In __pkvm_guest_relinquish_to_host of mem_protect.c, there is a possible configuration data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48614 [MEDIUM] CWE-862 CVE-2025-48614: In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device wh In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device while in DSU mode due to a missing permission check. This could lead to physical denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48622 [MEDIUM] CWE-125 CVE-2025-48622: In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overf In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48576 [MEDIUM] CWE-400 CVE-2025-48576: In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there is In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48603 [MEDIUM] CWE-770 CVE-2025-48603: In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due to r In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48618 [MEDIUM] CWE-667 CVE-2025-48618: In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from t In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48601 [MEDIUM] CWE-20 CVE-2025-48601: In multiple locations, there is a possible permanent denial of service due to improper input validat In multiple locations, there is a possible permanent denial of service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48607 [MEDIUM] CVE-2025-48607: In multiple locations, there is a possible way to create a large amount of app ops due to a logic er In multiple locations, there is a possible way to create a large amount of app ops due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48584 [MEDIUM] CWE-400 CVE-2025-48584: In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per- In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48598 [MEDIUM] CWE-610 CVE-2025-48598: In multiple locations, there is a possible way to alter the primary user's face unlock settings due In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48591 [MEDIUM] CWE-862 CVE-2025-48591: In multiple locations, there is a possible way to read files from another user due to a missing perm In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48569 [MEDIUM] CWE-770 CVE-2025-48569: In multiple locations, there is a possible permanent denial of service due to resource exhaustion. T In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48600 [MEDIUM] CWE-862 CVE-2025-48600: In multiple files, there is a possible way to reveal information across users due to a missing permi In multiple files, there is a possible way to reveal information across users due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.