In createIntentsList of PackageParser.java , there is a possible way to bypass lazy bundle hardening, allowing modified data to be passed to the next process due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-32312 is a local elevation of privilege vulnerability affecting Google Android versions 13, 14, and 15. The flaw exists in the createIntentsList method of the PackageParser.java component, where unsafe deserialization allows an attacker to bypass lazy bundle hardening protections. Lazy bundle hardening is a security mechanism designed to prevent tampering with serialized data passed between processes. However, due to improper handling in this method, an attacker can craft modified data that is deserialized unsafely, enabling them to escalate privileges locally without requiring any additional execution privileges or user interaction. This means that a malicious app or process with limited permissions on the device could exploit this vulnerability to gain higher privileges, potentially accessing or modifying sensitive system components or data. The vulnerability does not require the attacker to have elevated privileges initially, nor does it require the victim to perform any action, making it particularly dangerous in environments where untrusted or malicious apps may be installed. Although no known exploits are currently reported in the wild, the vulnerability's nature and the affected Android versions indicate a significant risk to device security until patched. No CVSS score has been assigned yet, and no official patches or mitigation links have been published at the time of this report.

CVE Database V5

Detailed information about CVE-2025-32312: Elevation of privilege in Google Android affecting Google Android. Get real-time updates, technical details, and miti

CVE-2025-32312: Elevation of privilege in Google Android - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-32312: Elevation of privilege in Google Android

In allowPackageAccess of multiple files, resource exhaustion is possible when repeatedly adding allowed packages. This could lead to a local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-26463 is a vulnerability identified in Google Android versions 13, 14, and 15, specifically within the allowPackageAccess functionality. The issue arises from resource exhaustion caused by repeatedly adding allowed packages, which can lead to a local persistent denial of service (DoS) condition. This vulnerability does not require any additional execution privileges or user interaction to exploit, meaning that an attacker with local access to the device can trigger the condition without needing to trick the user or escalate privileges. The root cause is the improper handling of resource allocation when managing allowed packages, leading to exhaustion of system resources such as memory or handles. The persistent nature of the DoS indicates that the system remains in a degraded or non-functional state until a reboot or other recovery action is taken. Although no known exploits are currently reported in the wild, the vulnerability's characteristics make it a concern for devices running the affected Android versions. The absence of a CVSS score suggests that the vulnerability has not yet been fully assessed for severity, but the technical details indicate a significant impact on availability. Since the vulnerability is local and does not require user interaction, it could be exploited by malicious apps or users with local access to the device, such as through physical access or via other compromised apps. The lack of patch links implies that fixes may not yet be publicly available, increasing the urgency for mitigation and monitoring.

Detailed information about CVE-2025-26463: Denial of service in Google Android affecting Google Android. Get real-time updates, technical details, and mitigatio

CVE-2025-26463: Denial of service in Google Android - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-26463: Denial of service in Google Android

In AccessibilityServiceConnection.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Detailed information about CVE-2025-26462: Elevation of privilege in Google Android affecting Google Android. Get real-time updates, technical details, and miti

CVE-2025-26462: Elevation of privilege in Google Android - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-26462: Elevation of privilege in Google Android

In multiple functions of LocationProviderManager.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Detailed information about CVE-2025-26458: Elevation of privilege in Google Android affecting Google Android. Get real-time updates, technical details, and miti

CVE-2025-26458: Elevation of privilege in Google Android - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-26458: Elevation of privilege in Google Android

In multiple functions of DexUseManagerLocal.java, there is a possible way to crash system server due to a logic error in the code. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Detailed information about CVE-2025-26456: Denial of service in Google Android affecting Google Android. Get real-time updates, technical details, and mitigatio

CVE-2025-26456: Denial of service in Google Android - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-26456: Denial of service in Google Android

In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Detailed information about CVE-2025-26453: Information disclosure in Google Android affecting Google Android. Get real-time updates, technical details, and miti

CVE-2025-26453: Information disclosure in Google Android

CVE-2025-26453: Information disclosure in Google Android

Description

Technical Details

Related Threats

CVE-2025-32312: Elevation of privilege in Google Android

CVE-2025-26463: Denial of service in Google Android

CVE-2025-26462: Elevation of privilege in Google Android

CVE-2025-26458: Elevation of privilege in Google Android

CVE-2025-26456: Denial of service in Google Android

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility