Heap Buffer Overflow in cn_NrmmDecoder.cpp Affects Pixel Devices by Google
CVE-2025-36923
Currently unrated
What is CVE-2025-36923?
A vulnerability exists in the NrmmDecoder::DecodeSORTransparentContext function within cn_NrmmDecoder.cpp, which can lead to a potential out of bounds write due to a heap buffer overflow. This may allow an adjacent or remote user to escalate privileges without the need for additional execution privileges. No user interaction is required for exploitation, highlighting the importance of prompt updates and patches to address this security concern.
Affected Version(s)
Android Android kernel