Privilege Escalation Vulnerability in GXP Mapping for Android Products
CVE-2025-36905

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-36905?

A privilege escalation vulnerability exists in the GXP Mapping component within the Android operating system. A logic error within the gxp_mapping_create function can allow an attacker to escalate privileges locally without the need for additional execution permissions or user interaction. This vulnerability emphasizes the importance of securing code logic to prevent unauthorized access and control within the affected systems. Organizations using the Android OS should review their configurations to mitigate potential exploitation risks associated with this flaw.

Affected Version(s)

Android Android kernel

References

https://source.android.com/security/bulletin/pixel/2025-0...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Apr 16, 2025

Google

What is CVE-2025-36905?

Affected Version(s)

References

Timeline