ASB-A-382239029 — Vulnetix

ASB-A-382239029 PUBLISHED CVSS 8.600000381469727 HIGH

In validate_clock_selector of clock.c, there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Android	:linux_kernel:	:0, *, :0

Exploit Intelligence

USN-7389-1.json (github-poc)
CveImporter.kt (github-poc)
kev.json (github-poc)
data.js (github-poc)

Timeline

Apr 1, 2025 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2025-04-01 advisory
https://android.googlesource.com/kernel/common/+/f9aca4186aa3e257d966fd5b2e5a4557394358e7 patch
https://android.googlesource.com/kernel/common/+/d0e1b23b5d6aeac552a7b1f3721c0a377b8f54cb patch

Open in Interactive Console →