CVE-2025-48592

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of service data. Exploitation of this issue may allow an attacker to disclose protected information. A potential out-of-bounds read exists due to a heap buffer overflow within the initDecoder function of C2SoftDav1dDec.cpp, which could lead to remote information disclosure without requiring additional execution privileges or user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.