Out of Bounds Write Vulnerability in Android Kernel by Google
CVE-2025-48637

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 8 December 2025

What is CVE-2025-48637?

In multiple functions within the mem_protect.c file of the Android Kernel, an out of bounds write vulnerability exists due to an integer overflow. This issue may allow attackers to escalate privileges locally without the need for additional execution rights. Furthermore, the exploitation of this vulnerability does not require user interaction, presenting a significant risk to the security of systems utilizing affected versions of the Android Kernel.

Affected Version(s)

Android Android kernel

References

https://android.googlesource.com/kernel/common/+/4cfc9c2d...

https://android.googlesource.com/kernel/common/+/aff2255d...

https://source.android.com/security/bulletin/2025-12-01

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2025
Vulnerability Reserved
May 22, 2025

JSON