CVE-2025-48631

CVSS v2.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of service data. Successful exploitation may allow a remote attacker to cause a denial of service. In LocalImageResolver.java, specifically within the

onHeaderDecoded

function, a potential persistent denial of service can occur due to resource exhaustion, potentially leading to remote denial of service without requiring additional execution privileges or user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Information Disclosure

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-200CWE-770

Related Identifiers

BDU:2025-15021

CVE-2025-48631

Affected Products

Android

CVE-2025-48631

Weakness Enumeration

Related Identifiers

Affected Products

References · 18