VDB
ASB-A-305695605
ASB-A-305695605
PUBLISHED
In multiple locations, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| platform | frameworks/base | 15-next:0, 15-next, 12 |
Timeline
- Feb 1, 2025 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2025-02-01 advisory
- https://android.googlesource.com/platform/frameworks/base/+/72a3d2d72c39fd48f0a960a1b3c1e16e307421df patch
- https://android.googlesource.com/platform/frameworks/base/+/b8a1a5d47c3916fe08deefaefd8772092b4fb03c patch
- https://android.googlesource.com/platform/frameworks/base/+/f1fd60bb80f9ea95c61b5392102a4afedd948188 patch