ASB-A-386802855
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-386802855.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-386802855
- Aliases
-
- A-386802855
- CVE-2025-26432
- Published
- 2025-06-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb"
],
"spl": "2025-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "writeToParcel",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "89094872291986352617888711605590522552",
"length": 749.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-080954c2"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "readAssociationV1",
"file": "services/companion/java/com/android/server/companion/association/AssociationDiskStore.java"
},
"deprecated": false,
"digest": {
"function_hash": "306392718360680245309167070024778389376",
"length": 1213.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-09b1bc33"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "hashCode",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "201992470561156167175853408604808830324",
"length": 301.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-1b0a8f93"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "readAssociationV0",
"file": "services/companion/java/com/android/server/companion/association/AssociationDiskStore.java"
},
"deprecated": false,
"digest": {
"function_hash": "121647864855988303513161327211051291127",
"length": 697.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-27b8dab9"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "build",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "16952723517912667941923608309194780591",
"length": 539.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-3666e01c"
},
{
"deprecated": false,
"digest": {
"function_hash": "255770833773182124740459550701314702324",
"length": 1268.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "handleCollision",
"file": "services/companion/java/com/android/server/companion/BackupRestoreProcessor.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-3839363c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "Builder",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "160420168712957093804895652898128309856",
"length": 675.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-3dd5e121"
},
{
"deprecated": false,
"digest": {
"function_hash": "20747031276283511669891740431370881221",
"length": 62.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "clearAssociationTag",
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-41c5c496"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "equals",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "238378862376690198140066630200762152683",
"length": 986.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-46c083dc"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"130598604353488569857414621140361442234",
"35571203997948103524929728358431092680",
"214898924598050778814155734227919302593",
"116434952146272645373366594362794187650",
"315152581309744575987053789491332266570",
"247076027112075859348892526836778603723",
"152644482702124509747985712762188359081",
"72596424720214208156066888927170986104",
"325604055751361384447899641672886285363",
"324315396838265725519069776874527434836",
"311113283510605347189590459189142552019",
"7698004457383715966620445711657096699",
"218743801290705807086777260236593939511",
"21580676392255144905066581189779039601",
"125503435959175874081019182937925680035",
"162642006552333855318563199651261420146",
"114258134415936548732516280680154493214",
"111317751353908443790841731797480374224",
"246161817251537188783853543050002921695",
"266729658916202573645612568985361833500",
"1445077390074008046845792775508929789",
"83832437935368060396546826475348355387",
"286853385002955853639276901108001446101",
"294327160988746753676751792691441156111",
"33907469886032640183816689241713262210",
"234411100358183658982523082929391796488",
"66632486512095025056607202082013803597",
"8136448736174778958770510133862336650",
"110616044908031552780724726491381651784",
"61049190927445387320283955273526229622",
"267586133399531091180613686484625437529",
"122529474380791922015897652547537629762",
"736013207628540693957628252044032947",
"122910382092833400966154747202374522898",
"116233015504612954397909623535208338803",
"169530473356013038374825537925500542460",
"185045992665489523474057532346179699794",
"264256736790979874281741113814261689092",
"220518802378156311535452799364500013741",
"33280825154394815868781048142302065483",
"236126322334660435587146489316313945521",
"317596696927727521797948680349632254140",
"270160106532506353473143770269419455337",
"10964844523975652213719102438412394384",
"289738172598609375225154361886714483712",
"333473111429846083966252179406050824185",
"44847940374871032017394551589272491248",
"330795035263227173705773553083142233688",
"137077597936882516036834464099366661267",
"250819371843894045095595964837843256431",
"117274320606401291417587509966309747041",
"107755533489373430002255235557168037029",
"110765975104984787640446950388240052705",
"339805471373642470167942783281860725312",
"240633928928693449452466851337712639859",
"60189041774265517065391529969770921049",
"19613103934015224100752370878736053132",
"40634222925818543553675415946472775779",
"283312239643792357053577964807233703439",
"91865967338946352150985552907631293184",
"21734202158657651161383146642708086346",
"124368981824590255536116981249160161632",
"288275373774528338963922200988349600601",
"150961783038292661323992933146046479814",
"253223229770166562079573554148604392202",
"25479939403200719962263231745097901879",
"304187852859063584057651195294961036641",
"253085405298404610818205382571829802254",
"80547274309315723108380550754513585182",
"47294944718098488681325576276884438771",
"56001159307903576068043359123897891352",
"103779568912529634315299395800461489481",
"203069610154539372918057471139723788452",
"330577212756120074542112170339096784956",
"226122481083702727702514240453132016435",
"299452187267015060798403081850225870142",
"65552309966110657985005735891107786357",
"235012428979721968155497489106167174236",
"141772776797522812459961409013829908991",
"275048076964591117245019247333966802865",
"60685636412905081085274705099182001970",
"24252427741937791636056201848715741494",
"207510753323176381946788127256969712032",
"192209153320535669890550743625292006624",
"20784063254322840289168801342835379503",
"7002433371762951624339100545600617952",
"75210337233253738269201229418985098984",
"271329998014304708101212195808628350532",
"144284610185173036918100015529933480691",
"301140910069621205864505111012936939756",
"1562717987436415642429929857754321575",
"41376319132028932761496890188127587923",
"223091555367484715648202901703141036275",
"7002433371762951624339100545600617952",
"75210337233253738269201229418985098984",
"271329998014304708101212195808628350532",
"51689824769075660028555235814235847242",
"318816059486060643056110447274990256975",
"94433290740542959231177672077920714801",
"169539825528105631624215091211722758171",
"18362345759075966029375594000771827139",
"329253030906659662955973578663673043313",
"197133077684596731616020502418541880381",
"74514530212198274272461988317340776014",
"104654162025451613138481828199543896222",
"235795690292736303886893850780986397356",
"20153210201357580293749683136529792464",
"236354157024692691616961212918839424742",
"264452128040764518587454122125995548579",
"299036487386950756547680744236692304774",
"5963758851637282088454682615559090096",
"239093885906168922546396398016964909399"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-386802855-54ed2e6a"
},
{
"deprecated": false,
"digest": {
"function_hash": "179761223093017661547691761578900257098",
"length": 74.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "setTag",
"file": "core/java/android/companion/AssociationInfo.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-561fbfc7"
},
{
"deprecated": false,
"digest": {
"function_hash": "54356481111464281872892283567869499460",
"length": 36.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "getTag",
"file": "core/java/android/companion/AssociationInfo.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-5b7386e4"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "createAssociation",
"file": "services/companion/java/com/android/server/companion/association/AssociationRequestsProcessor.java"
},
"deprecated": false,
"digest": {
"function_hash": "322693761925113501731669498663534754802",
"length": 551.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-5da1e2d0"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"file": "services/companion/java/com/android/server/companion/association/AssociationRequestsProcessor.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"175951104148024134131162230280489080367",
"316490597475865427651215407885748217597",
"61869487573794868539190186509473489405",
"216875036387811732114365657784996102727",
"180826721580599117167487932860755751714",
"106767381882006298891883704709853772311",
"225648788356156590627952918185148230815",
"85160897655285578185156893354275269286",
"11727231027108002346792877514741083931",
"188867983006915089077563905425588586213",
"154785920889866776625133686155060686636",
"154778124092509642119107228617399723253",
"230429303062056931008351192942536019134",
"61560700097852352108446767823518633109",
"248659241377499209544471007914509231988",
"41315848675275002935897882123004822064",
"92699829734584975998081024135669362547",
"105594801210415739628677744195735577705",
"194684016015448593908528944663620527971"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-386802855-61ba7d4c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "writeAssociation",
"file": "services/companion/java/com/android/server/companion/association/AssociationDiskStore.java"
},
"deprecated": false,
"digest": {
"function_hash": "297059940960722852120197881832555921278",
"length": 1124.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-92bc69d3"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "AssociationInfo",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "237760326170362959378787279216028787392",
"length": 933.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-947cce80"
},
{
"deprecated": false,
"digest": {
"line_hashes": [
"156602969348487928111787205405077258777",
"271861595077149930850042951058137107006",
"16016604627022531302088225222838830909",
"244856366715169020615708657636154326696",
"337305525234909228558880575799193361743",
"17965582583109407395708999489608949771",
"82380600860541297801585876653890366095",
"19260742998709645287917183755282940503",
"278572944222002372125909099051301510824",
"54050098876958210981495716578848236635",
"156798670199544118409645113511785175622",
"29032984767258355229066152824770260880",
"201493255754646056604281186448195880433",
"105382698475816092516341861025250847996",
"28284648810683380161703691828817596327",
"211045011698783033849241271252235429284",
"272493199601022137171392533143285159019",
"71321479958074129181803950925746570259",
"24814573155992938092908182315040325444",
"262213123591099471678573730336450759677",
"291984925459006056985016349686113142668",
"307975256373957068057364826112405839177",
"337305525234909228558880575799193361743",
"17965582583109407395708999489608949771",
"294538033310854689782129629687224447753",
"50299522415076740437605855791710193717",
"25280669331172250322522962811201094221",
"140935687294238453396053851697399357329",
"156798670199544118409645113511785175622",
"86772637575378958610597707080303487239",
"76967138070015381889623465022895511715",
"8451194567237147881667553656456441324",
"175127896609300533033257077897701179178",
"204029172210425823993686766130008945978"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"file": "core/java/android/companion/CompanionDeviceManager.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-9c94db4a"
},
{
"deprecated": false,
"digest": {
"function_hash": "25625363981174195852180700880885418397",
"length": 311.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "setAssociationTag",
"file": "services/companion/java/com/android/server/companion/association/AssociationRequestsProcessor.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-9d10cb4c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "AssociationInfo",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "307339220269925569224889427090121051356",
"length": 785.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-a2e98156"
},
{
"deprecated": false,
"digest": {
"function_hash": "220113405791686986049007798988794071506",
"length": 503.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "setAssociationTag",
"file": "core/java/android/companion/CompanionDeviceManager.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-b2243571"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"file": "services/companion/java/com/android/server/companion/association/AssociationDiskStore.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"176972315314412491727340056789473883659",
"182571654521646490928436158813914729024",
"45432458272356060845739172405029931319",
"190112398486625738421574965464593596172",
"330737289597982223873606767961746260193",
"134574111638850277578609399161300742910",
"157527146275911776939984374013942674639",
"44928974989915193249579108093675696105",
"107648226651372440166211606965897779859",
"194142727849371185609446541076121653046",
"230087138291731756577192972148934905174",
"173666202271050515856635272097321128405",
"261689142091303461871627850451183999422",
"335804957654218578115038658956260122632",
"234721278967383078726732049271733578660",
"262693076761927038096193635246044086300",
"144996009425447066696280296704401597422",
"77658666062262073669580057544265808284",
"204160240498843784491129876101567399686",
"162990784724714021553098516814521048500",
"72209639613386980700875825791123976861",
"45142020484308357398713868375141817436",
"196782949678196822036485460964268464630",
"267044083294932757019771461204451219738",
"189530221843499509306613310310082403118",
"7773833049829821926700537307160096728",
"208604841168810331182196823712523036498",
"322754879417666630421470555247064163610",
"45604681958919483924435637799008713840",
"271528537138612867451893924273465339948",
"228730166944857537200009299877220960934",
"43839152415112291153036748691173504791",
"188598484100647587518876140123153696938",
"287747282615273100528764518715942082751",
"96057650778480167370919914065791275701",
"149202908899798247367519327796348439221",
"312296854870604830981870698562725097382",
"10032633788305454432834613015723029452",
"55113128948392241113793270526502547572",
"207939035125111801742078720690407766851",
"70570743086939066371546623439552058053",
"124862032660798608035068283009988438044",
"21392348346408131794363228035248758109",
"236777816765015887449627353970697003185",
"65839311953457220060704314619480817386",
"244056066348549814588245496482726909231",
"243615067266591151561715530133380084647",
"158783590184092305307037890586653265462",
"238773246736866061297572917177416754334",
"88706477770828786676583935957743112127",
"247470896151190051089848728618272167376",
"50507562267079949126413905573853728480"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-386802855-b9de9e91"
},
{
"deprecated": false,
"digest": {
"function_hash": "192152032880072211539431986701895864137",
"length": 217.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "requireStartOfTag",
"file": "services/companion/java/com/android/server/companion/association/AssociationDiskStore.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-c55be3c9"
},
{
"deprecated": false,
"digest": {
"line_hashes": [
"34817245562367208454665661586939787264",
"332314817936467487969798543248187766246",
"331631835987093207919222655970341038671",
"256828947219420819426242961037382827792",
"255166149664542437405630915497722799220",
"329839405967771507826994375464445525041"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"file": "services/companion/java/com/android/server/companion/BackupRestoreProcessor.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-c659299c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "Builder",
"file": "core/java/android/companion/AssociationInfo.java"
},
"deprecated": false,
"digest": {
"function_hash": "99909007831114795551963088624087901426",
"length": 664.0
},
"signature_type": "Function",
"id": "ASB-A-386802855-d2a58fc4"
},
{
"deprecated": false,
"digest": {
"function_hash": "112184628392327395585902838616881035885",
"length": 735.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"function": "toString",
"file": "core/java/android/companion/AssociationInfo.java"
},
"match_only_versions": [
"16-next"
],
"id": "ASB-A-386802855-e5eb5254"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fd2ae2294a4e037e16b30d6b0420509e59bcdafb",
"target": {
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"244592067527580368914992866387401598395",
"255619104564465596248912617873826518078",
"71454443597774252258629025108576474826",
"277225080022088715521964623864929716369",
"173834802659622580327283677824167095333",
"335422303947698601418175402195792032979",
"35955864220465417222522909410618053090",
"53255439267507041537035298605908995414",
"271157315092619172875651689619277835773",
"273069331228570856296925552255655164211",
"74489112413522295897110427595199048226",
"185340919092768074004394503919327735325",
"133592891620326819182602730362290181502",
"91638748222752126002614306429569731512",
"166934677299886501135475064118104740197",
"335960718412907313367981356592162676942",
"17202238904570004712238501896528575116"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-386802855-f95e5923"
}
],
"types": [
"DoS"
]
}
Android / platform/packages/apps/Settings
Package
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1bea5725035b62fda3f1f2f3d68447bf8b159ced"
],
"spl": "2025-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/1bea5725035b62fda3f1f2f3d68447bf8b159ced",
"target": {
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"53255439267507041537035298605908995414",
"271157315092619172875651689619277835773",
"273069331228570856296925552255655164211",
"74489112413522295897110427595199048226"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-386802855-5aa4e80c"
}
],
"types": [
"DoS"
]
}