ASB-A-417987184

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-417987184.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-417987184
Aliases
  • A-417987184
  • CVE-2025-48590
Published
2025-12-01T00:00:00Z
Modified
2025-12-11T17:03:05.429819Z
Summary
[none]
Details

In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to prevent dialing emergency services under limited circumstances due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android

platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16-qpr2-next:0
Fixed
16-qpr2-next:2025-12-01

Affected versions

Other

16-qpr2-next

Ecosystem specific 

{
    "spl": "2025-12-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5d6c7c7398b72fd87109f05736d564c3fc864c03",
            "id": "ASB-A-417987184-3202573c",
            "digest": {
                "function_hash": "107987251603074649599679228601958572937",
                "length": 3257.0
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java",
                "function": "verifyAndGetBypass"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5d6c7c7398b72fd87109f05736d564c3fc864c03",
            "id": "ASB-A-417987184-982057c6",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122032237867793359503385410897799307667",
                    "156155429116174769644180022778128821838",
                    "215349625614946463718766598273379340132",
                    "161844371586358178081024413220028316254",
                    "188468820934151521318154943420384289769",
                    "145224855023549399626326026535633052495",
                    "55985125091262428310077122093080587070",
                    "133507827678023694045493948098552993667",
                    "169577235109087482023521199224221730098",
                    "309669604299879269547085043680197145464",
                    "115335732125717956262987018806606877528",
                    "191267812288229905243760282068714442737",
                    "288506178136768389538268915355959563242",
                    "335520499112600269098447791619460204415",
                    "260676522390826525136349345729999291847",
                    "311837802291323310180218656580630438966",
                    "153602921202138456698164535612985330896",
                    "334187185228788749185014110470755200965"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java"
            },
            "signature_type": "Line",
            "deprecated": false
        }
    ],
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/5d6c7c7398b72fd87109f05736d564c3fc864c03"
    ],
    "types": [
        "DoS"
    ]
}

platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-12-01

Affected versions

Other

15

Ecosystem specific 

{
    "spl": "2025-12-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c4287772ec8b80b3d1b456a8f5339b8e89506a08",
            "id": "ASB-A-417987184-8aaa5d1c",
            "digest": {
                "function_hash": "107987251603074649599679228601958572937",
                "length": 3257.0
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java",
                "function": "verifyAndGetBypass"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c4287772ec8b80b3d1b456a8f5339b8e89506a08",
            "id": "ASB-A-417987184-8d7524f8",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122032237867793359503385410897799307667",
                    "38940627523916498810355868768297406477",
                    "255632137023202483845105932139725455515",
                    "110657077058411777353580045847032115503",
                    "188468820934151521318154943420384289769",
                    "145224855023549399626326026535633052495",
                    "55985125091262428310077122093080587070",
                    "133507827678023694045493948098552993667",
                    "169577235109087482023521199224221730098",
                    "309669604299879269547085043680197145464",
                    "115335732125717956262987018806606877528",
                    "191267812288229905243760282068714442737",
                    "288506178136768389538268915355959563242",
                    "335520499112600269098447791619460204415",
                    "260676522390826525136349345729999291847",
                    "311837802291323310180218656580630438966",
                    "153602921202138456698164535612985330896",
                    "334187185228788749185014110470755200965"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java"
            },
            "signature_type": "Line",
            "deprecated": false
        }
    ],
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/c4287772ec8b80b3d1b456a8f5339b8e89506a08"
    ],
    "types": [
        "DoS"
    ]
}

platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16:0
Fixed
16:2025-12-01

Affected versions

Other

16

Ecosystem specific 

{
    "spl": "2025-12-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/d868e9c0ae36a335d0205adc2cbe8387b575f720",
            "id": "ASB-A-417987184-34f29a63",
            "digest": {
                "function_hash": "107987251603074649599679228601958572937",
                "length": 3257.0
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java",
                "function": "verifyAndGetBypass"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/d868e9c0ae36a335d0205adc2cbe8387b575f720",
            "id": "ASB-A-417987184-5f09b372",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122032237867793359503385410897799307667",
                    "156155429116174769644180022778128821838",
                    "215349625614946463718766598273379340132",
                    "161844371586358178081024413220028316254",
                    "188468820934151521318154943420384289769",
                    "145224855023549399626326026535633052495",
                    "55985125091262428310077122093080587070",
                    "133507827678023694045493948098552993667",
                    "169577235109087482023521199224221730098",
                    "309669604299879269547085043680197145464",
                    "115335732125717956262987018806606877528",
                    "191267812288229905243760282068714442737",
                    "288506178136768389538268915355959563242",
                    "335520499112600269098447791619460204415",
                    "260676522390826525136349345729999291847",
                    "311837802291323310180218656580630438966",
                    "153602921202138456698164535612985330896",
                    "334187185228788749185014110470755200965"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java"
            },
            "signature_type": "Line",
            "deprecated": false
        }
    ],
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/d868e9c0ae36a335d0205adc2cbe8387b575f720"
    ],
    "types": [
        "DoS"
    ]
}

platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2025-12-01

Affected versions

Other

13

Ecosystem specific 

{
    "spl": "2025-12-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/b805973647ade1560bde6e56635cef6cf17dede2",
            "id": "ASB-A-417987184-408b669b",
            "digest": {
                "function_hash": "31171044321925627118014968012572079177",
                "length": 3249.0
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java",
                "function": "verifyAndGetBypass"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/b805973647ade1560bde6e56635cef6cf17dede2",
            "id": "ASB-A-417987184-f91d9b83",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122032237867793359503385410897799307667",
                    "170562538715311768077259262439347698926",
                    "21424563948239946525148242708907887986",
                    "162959231775521271527020648845254733100",
                    "188468820934151521318154943420384289769",
                    "145224855023549399626326026535633052495",
                    "55985125091262428310077122093080587070",
                    "133507827678023694045493948098552993667",
                    "169577235109087482023521199224221730098",
                    "309669604299879269547085043680197145464",
                    "115335732125717956262987018806606877528",
                    "191267812288229905243760282068714442737",
                    "288506178136768389538268915355959563242",
                    "335520499112600269098447791619460204415",
                    "260676522390826525136349345729999291847",
                    "311837802291323310180218656580630438966",
                    "153602921202138456698164535612985330896",
                    "334187185228788749185014110470755200965"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java"
            },
            "signature_type": "Line",
            "deprecated": false
        }
    ],
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/b805973647ade1560bde6e56635cef6cf17dede2"
    ],
    "types": [
        "DoS"
    ]
}

platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2025-12-01

Affected versions

Other

14

Ecosystem specific 

{
    "spl": "2025-12-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5a81a2377765a417e1e524001666973c67497baf",
            "id": "ASB-A-417987184-7f27b184",
            "digest": {
                "function_hash": "107987251603074649599679228601958572937",
                "length": 3257.0
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java",
                "function": "verifyAndGetBypass"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5a81a2377765a417e1e524001666973c67497baf",
            "id": "ASB-A-417987184-c57ab86a",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122032237867793359503385410897799307667",
                    "30413121017328971018679105563220169574",
                    "144111667346613017016389351581968285737",
                    "49647609255834559841902509644406963131",
                    "188468820934151521318154943420384289769",
                    "145224855023549399626326026535633052495",
                    "55985125091262428310077122093080587070",
                    "133507827678023694045493948098552993667",
                    "169577235109087482023521199224221730098",
                    "309669604299879269547085043680197145464",
                    "115335732125717956262987018806606877528",
                    "191267812288229905243760282068714442737",
                    "288506178136768389538268915355959563242",
                    "335520499112600269098447791619460204415",
                    "260676522390826525136349345729999291847",
                    "311837802291323310180218656580630438966",
                    "153602921202138456698164535612985330896",
                    "334187185228788749185014110470755200965"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/appop/AppOpsService.java"
            },
            "signature_type": "Line",
            "deprecated": false
        }
    ],
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/5a81a2377765a417e1e524001666973c67497baf"
    ],
    "types": [
        "DoS"
    ]
}