ASB-A-443742829
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-443742829.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-443742829
- Aliases
-
- A-443742829
- CVE-2025-48632
- Published
- 2025-12-01T00:00:00Z
- Modified
- 2026-03-30T15:20:36.199724Z
- Summary
- [none]
- Details
-
In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations to persist after the user has disassociated them due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/92dc1af578462212ac04a063bdc407100305436e"
],
"spl": "2025-12-01",
"vanir_signatures": [
{
"match_only_versions": [
"16-qpr2-next"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-0cd06887",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/92dc1af578462212ac04a063bdc407100305436e",
"digest": {
"function_hash": "28004645345344355699729640648605172658",
"length": 284.0
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "AssociationRequest"
},
"id": "ASB-A-443742829-3dddb27e",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/92dc1af578462212ac04a063bdc407100305436e",
"digest": {
"function_hash": "214945054854633472258654250911506280402",
"length": 486.0
}
},
{
"match_only_versions": [
"16-qpr2-next"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-4189a1d7",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/92dc1af578462212ac04a063bdc407100305436e",
"digest": {
"function_hash": "259370121685768045263040026203907129638",
"length": 57.0
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java"
},
"id": "ASB-A-443742829-c041cb9a",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/92dc1af578462212ac04a063bdc407100305436e",
"digest": {
"line_hashes": [
"127032158101215071857948778004421295027",
"261906205169306437236945321627698965301",
"292568038487483929121246109272029576413",
"210090398096600233208955557406483090043",
"182774005629593579391363224269926583565",
"240382801211918711678877591688519401327",
"106833879100579711315299667745247358533",
"20362024773217709447411941482548506351",
"162857856128072224597535848492271027745",
"443969255866971973160024504367666505",
"144134265046655980911436810712702752023",
"147870169047473277227489460219500934729",
"185407438599804180876075699635479756562",
"315552418116178038487450156398866878893",
"93599973764947734099641009692792086373",
"310118061060155593195113019069566432176",
"210595325358920498410262488170660927742"
],
"threshold": 0.9
}
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/c27094d481e10d30585f5bbba95fd5188e1847f0"
],
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "AssociationRequest"
},
"id": "ASB-A-443742829-4451b2e4",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/c27094d481e10d30585f5bbba95fd5188e1847f0",
"digest": {
"function_hash": "25507047400613990863916323832332658705",
"length": 348.0
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java"
},
"id": "ASB-A-443742829-7a788fc8",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/c27094d481e10d30585f5bbba95fd5188e1847f0",
"digest": {
"line_hashes": [
"226687171322059760035163430715224975588",
"101735109259856570215759161802626317633",
"44159805822028748717551128500138612254",
"340009000210209828359847840402022960775",
"182774005629593579391363224269926583565",
"240382801211918711678877591688519401327",
"106833879100579711315299667745247358533",
"20362024773217709447411941482548506351",
"162857856128072224597535848492271027745",
"443969255866971973160024504367666505",
"144134265046655980911436810712702752023",
"147870169047473277227489460219500934729",
"185407438599804180876075699635479756562",
"315552418116178038487450156398866878893",
"93599973764947734099641009692792086373",
"310118061060155593195113019069566432176",
"210595325358920498410262488170660927742"
],
"threshold": 0.9
}
},
{
"match_only_versions": [
"15"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-ea7cd91e",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/c27094d481e10d30585f5bbba95fd5188e1847f0",
"digest": {
"function_hash": "259370121685768045263040026203907129638",
"length": 57.0
}
},
{
"match_only_versions": [
"15"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-f8685e6a",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/c27094d481e10d30585f5bbba95fd5188e1847f0",
"digest": {
"function_hash": "28004645345344355699729640648605172658",
"length": 284.0
}
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/110f3e5843d87e4a994eb07160064ca3552355dd"
],
"spl": "2025-12-01",
"vanir_signatures": [
{
"match_only_versions": [
"16"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "AssociationRequest"
},
"id": "ASB-A-443742829-11e12a76",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/110f3e5843d87e4a994eb07160064ca3552355dd",
"digest": {
"function_hash": "8001921324092845741738512579158245676",
"length": 434.0
}
},
{
"match_only_versions": [
"16"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-5dc34c9a",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/110f3e5843d87e4a994eb07160064ca3552355dd",
"digest": {
"function_hash": "259370121685768045263040026203907129638",
"length": 57.0
}
},
{
"match_only_versions": [
"16"
],
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java"
},
"id": "ASB-A-443742829-6c0d6141",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/110f3e5843d87e4a994eb07160064ca3552355dd",
"digest": {
"line_hashes": [
"283729514524476111226187398516472334034",
"110243433303675214941263859318474014234",
"219689180958770822558324454683291173565",
"288037343717614082245628522746599378099",
"182774005629593579391363224269926583565",
"240382801211918711678877591688519401327",
"106833879100579711315299667745247358533",
"20362024773217709447411941482548506351",
"162857856128072224597535848492271027745",
"443969255866971973160024504367666505",
"144134265046655980911436810712702752023",
"147870169047473277227489460219500934729",
"185407438599804180876075699635479756562",
"315552418116178038487450156398866878893",
"93599973764947734099641009692792086373",
"310118061060155593195113019069566432176",
"210595325358920498410262488170660927742"
],
"threshold": 0.9
}
},
{
"match_only_versions": [
"16"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-9530bb27",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/110f3e5843d87e4a994eb07160064ca3552355dd",
"digest": {
"function_hash": "28004645345344355699729640648605172658",
"length": 284.0
}
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1998ea7078f9c129267e42cd83efd3a85e1be57b"
],
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java"
},
"id": "ASB-A-443742829-915376bb",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1998ea7078f9c129267e42cd83efd3a85e1be57b",
"digest": {
"line_hashes": [
"147269419953227440488681118598688817780",
"52548465390990484745093659737434703888",
"25730624046464827620604150295925541558",
"226687171322059760035163430715224975588",
"101735109259856570215759161802626317633",
"44159805822028748717551128500138612254",
"340009000210209828359847840402022960775",
"182774005629593579391363224269926583565",
"240382801211918711678877591688519401327",
"106833879100579711315299667745247358533",
"20362024773217709447411941482548506351",
"65451055277332140781696211045567087548",
"323374279332395481658706680841602322999",
"129426677134537346045811415153629904845",
"136430090691858713646855412254835896610",
"129514122091882860967805441408399656850",
"328328895007588091968499060994988435413",
"93599973764947734099641009692792086373",
"310118061060155593195113019069566432176",
"210595325358920498410262488170660927742"
],
"threshold": 0.9
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "AssociationRequest"
},
"id": "ASB-A-443742829-afab5161",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1998ea7078f9c129267e42cd83efd3a85e1be57b",
"digest": {
"function_hash": "25507047400613990863916323832332658705",
"length": 348.0
}
},
{
"match_only_versions": [
"14"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-b149a990",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1998ea7078f9c129267e42cd83efd3a85e1be57b",
"digest": {
"function_hash": "259370121685768045263040026203907129638",
"length": 57.0
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setDisplayName"
},
"id": "ASB-A-443742829-ed034046",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1998ea7078f9c129267e42cd83efd3a85e1be57b",
"digest": {
"function_hash": "86640055349124604017859357467180140315",
"length": 239.0
}
}
],
"severity": "High"
}