CVE-2025-48631

CVSS v2.0

High

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of service data. Successful exploitation may allow a remote attacker to cause a denial of service. In LocalImageResolver.java, specifically within the onHeaderDecoded function, a potential persistent denial of service can occur due to resource exhaustion, potentially leading to remote denial of service without requiring additional execution privileges or user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Information Disclosure

Resource Exhaustion

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-400CWE-770

Related Identifiers

ASB-A-444671303

BDU:2025-15021

CVE-2025-48631

Affected Products

Android

CVE-2025-48631

Weakness Enumeration

Related Identifiers

Affected Products

References · 25