VDB
ASB-A-416734088
ASB-A-416734088
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In processTransactInternal of RpcState.cpp, there is a possible local out of memory write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| platform | frameworks/native | 16-next:0, 16-next, 15:0 |
Timeline
- Sep 1, 2025 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2025-09-01 advisory
- https://android.googlesource.com/platform/frameworks/native/+/91aec28d0f5979d083b46e02e87c0b7d2e2587d2 patch
- https://android.googlesource.com/platform/frameworks/native/+/300a057414d7705457370bd07199bef92526f84a patch
- https://android.googlesource.com/platform/frameworks/native/+/a9e6d5a3c6797ad715a0e54a472c58a0c9468215 patch