Out of Bounds Write Vulnerability in Android Pixel Devices
CVE-2025-36908
Currently unrated
What is CVE-2025-36908?
The vulnerability in the lwis_top_register_io function of lwis_device_top.c presents a serious security window due to an incorrect bounds check. This flaw may allow an attacker to perform an out of bounds write, potentially leading to local escalation of privileges. Importantly, exploitation of this vulnerability does not require any user interaction, which raises significant security concerns for affected Android Pixel device users.
Affected Version(s)
Android Android kernel