ASB-A-430568718
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-430568718.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-430568718
- Aliases
-
- A-430568718
- CVE-2025-48614
- Published
- 2025-12-01T00:00:00Z
- Modified
- 2025-12-11T16:45:12.860391Z
- Summary
- [none]
- Details
-
In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device while in DSU mode due to a missing permission check. This could lead to physical denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/72f795b3bcb0c98971f5f15689c9399c8160bfcb",
"id": "ASB-A-430568718-0e670723",
"digest": {
"function_hash": "76421515011860320014570075502567652354",
"length": 1436.0
},
"target": {
"file": "core/java/android/os/RecoverySystem.java",
"function": "rebootWipeUserData"
},
"signature_type": "Function",
"deprecated": false
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/72f795b3bcb0c98971f5f15689c9399c8160bfcb",
"id": "ASB-A-430568718-b55a8541",
"digest": {
"threshold": 0.9,
"line_hashes": [
"269248373998600226275533148607210253689",
"222380702083901883222102459968461839467",
"282461293848857152542591188526176889530",
"270028746291264465933292988178428669578",
"325856023358993064821580790567210336502",
"154431341608539965336464916639016996996",
"178340145540083051072777725291806384465",
"115776975346740262471787869178933106568",
"120116992438438021366100456728984052227",
"133795292970660049186326309057234612009",
"72756317919712360037787139582870286389"
]
},
"target": {
"file": "core/java/android/os/RecoverySystem.java"
},
"signature_type": "Line",
"deprecated": false
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/72f795b3bcb0c98971f5f15689c9399c8160bfcb"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/156dac8a424208057390dd27f78307eab0281af0",
"id": "ASB-A-430568718-9cb3fd5a",
"digest": {
"function_hash": "76421515011860320014570075502567652354",
"length": 1436.0
},
"target": {
"file": "core/java/android/os/RecoverySystem.java",
"function": "rebootWipeUserData"
},
"signature_type": "Function",
"deprecated": false
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/156dac8a424208057390dd27f78307eab0281af0",
"id": "ASB-A-430568718-bc978871",
"digest": {
"threshold": 0.9,
"line_hashes": [
"269248373998600226275533148607210253689",
"222380702083901883222102459968461839467",
"282461293848857152542591188526176889530",
"270028746291264465933292988178428669578",
"325856023358993064821580790567210336502",
"154431341608539965336464916639016996996",
"178340145540083051072777725291806384465",
"115776975346740262471787869178933106568",
"120116992438438021366100456728984052227",
"133795292970660049186326309057234612009",
"72756317919712360037787139582870286389"
]
},
"target": {
"file": "core/java/android/os/RecoverySystem.java"
},
"signature_type": "Line",
"deprecated": false
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/156dac8a424208057390dd27f78307eab0281af0"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0846e0773b3f2fc54ec2e9674f55115f84d64e1e",
"id": "ASB-A-430568718-7d6373d2",
"digest": {
"function_hash": "76421515011860320014570075502567652354",
"length": 1436.0
},
"target": {
"file": "core/java/android/os/RecoverySystem.java",
"function": "rebootWipeUserData"
},
"signature_type": "Function",
"deprecated": false
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0846e0773b3f2fc54ec2e9674f55115f84d64e1e",
"id": "ASB-A-430568718-8264ec74",
"digest": {
"threshold": 0.9,
"line_hashes": [
"269248373998600226275533148607210253689",
"222380702083901883222102459968461839467",
"282461293848857152542591188526176889530",
"270028746291264465933292988178428669578",
"325856023358993064821580790567210336502",
"154431341608539965336464916639016996996",
"178340145540083051072777725291806384465",
"115776975346740262471787869178933106568",
"120116992438438021366100456728984052227",
"133795292970660049186326309057234612009",
"72756317919712360037787139582870286389"
]
},
"target": {
"file": "core/java/android/os/RecoverySystem.java"
},
"signature_type": "Line",
"deprecated": false
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/0846e0773b3f2fc54ec2e9674f55115f84d64e1e"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/568e869321c1f13036a1b922625e1a713426f890",
"id": "ASB-A-430568718-888846dd",
"digest": {
"function_hash": "282362617145924826965008281781698232913",
"length": 1351.0
},
"target": {
"file": "core/java/android/os/RecoverySystem.java",
"function": "rebootWipeUserData"
},
"signature_type": "Function",
"deprecated": false
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/568e869321c1f13036a1b922625e1a713426f890",
"id": "ASB-A-430568718-986b0eee",
"digest": {
"threshold": 0.9,
"line_hashes": [
"269248373998600226275533148607210253689",
"222380702083901883222102459968461839467",
"282461293848857152542591188526176889530",
"270028746291264465933292988178428669578",
"11041327084402580920241686294457413431",
"38007437332597978895441645623598737235",
"118711258486853669429896570521845340043",
"115776975346740262471787869178933106568",
"120116992438438021366100456728984052227",
"133795292970660049186326309057234612009",
"72756317919712360037787139582870286389"
]
},
"target": {
"file": "core/java/android/os/RecoverySystem.java"
},
"signature_type": "Line",
"deprecated": false
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/568e869321c1f13036a1b922625e1a713426f890"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/81c13460b5531e45bc5c7f6b93b3fff3e61e0da2",
"id": "ASB-A-430568718-51974efe",
"digest": {
"function_hash": "282362617145924826965008281781698232913",
"length": 1351.0
},
"target": {
"file": "core/java/android/os/RecoverySystem.java",
"function": "rebootWipeUserData"
},
"signature_type": "Function",
"deprecated": false
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/81c13460b5531e45bc5c7f6b93b3fff3e61e0da2",
"id": "ASB-A-430568718-ba7abb64",
"digest": {
"threshold": 0.9,
"line_hashes": [
"269248373998600226275533148607210253689",
"222380702083901883222102459968461839467",
"282461293848857152542591188526176889530",
"270028746291264465933292988178428669578",
"11041327084402580920241686294457413431",
"38007437332597978895441645623598737235",
"118711258486853669429896570521845340043",
"115776975346740262471787869178933106568",
"120116992438438021366100456728984052227",
"133795292970660049186326309057234612009",
"72756317919712360037787139582870286389"
]
},
"target": {
"file": "core/java/android/os/RecoverySystem.java"
},
"signature_type": "Line",
"deprecated": false
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/81c13460b5531e45bc5c7f6b93b3fff3e61e0da2"
],
"severity": "High"
}