Out-of-Bounds Write Vulnerability in Android Pixel Devices
CVE-2025-36900
Currently unrated
What is CVE-2025-36900?
A potential out-of-bounds write vulnerability exists in the lwis_test_register_io function of lwis_device_test.c within Android Pixel devices. This issue arises from an integer overflow scenario, enabling local privilege escalation to System execution privileges. Crucially, the exploitation of this vulnerability does not require any user interaction, making it a notable security concern for affected devices.
Affected Version(s)
Android Android kernel