PUB-A-384814655

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-384814655.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-384814655

Aliases

A-384814655
CVE-2025-27701

Published

2025-05-01T00:00:00Z

Modified

2026-04-17T15:55:28.020024Z

Summary

[none]

Details

In the function processcryptocmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slicemaparray(). Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure.

References

https://source.android.com/security/bulletin/2025-05-01

Affected packages

Android / :unknown:

Package

Name: :unknown:

Affected ranges

Type: ECOSYSTEM
Events: Introduced

Pixel-family specific:0

Fixed

Pixel-family specific:2025-05-05

Affected versions

Other

Pixel-family specific

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "spl": "2025-05-05",
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-384814655.json"