PT-2025-48941 · Android · Android

Published: 2025-08-28 · Updated: 2025-12-08 · CVE-2025-48637

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Android (affected versions not specified)

Description

The Android operating system’s pKVM (protected Kernel-based Virtual Machine) virtualization technology contains synchronization errors when adding pages to the memory cache, resulting in a race condition. Exploitation may allow an attacker to gain elevated privileges. Multiple functions within mem_protect.c are susceptible to an out-of-bounds write condition caused by an integer overflow, potentially leading to local privilege escalation without requiring additional execution privileges or user interaction.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Integer Overflow

Time Of Check To Time Of Use

Race Condition

Related Identifiers

BDU:2025-15116
CVE-2025-48637

Affected Products

Android