ASB-A-345881518 — Vulnetix

ASB-A-345881518 PUBLISHED CVSS 8.600000381469727 HIGH

In multiple locations, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
platform	frameworks/base	15-next:0, 15:0, 15

Timeline

Jan 1, 2025 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2025-01-01 advisory
https://android.googlesource.com/platform/frameworks/base/+/a44beb0ca3f788c468748e637a2a947b4b44503e patch

Open in Interactive Console →