Local Temporary DoS and OOB Read in Pixel Devices by Android
CVE-2025-27701
5.5MEDIUM
What is CVE-2025-27701?
A vulnerability in the process_crypto_cmd function of Pixel devices allows for potential null pointer dereferencing. This occurs when pointers returned from slice_map_array() are not properly checked for null values before being dereferenced, leading to local temporary denial of service (DoS) and out-of-bounds (OOB) read situations. This flaw can ultimately result in information disclosure, posing a risk to sensitive user data.
Affected Version(s)
Android Android kernel