Description

In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

INFO

Published Date :

2025-12-08T16:57:39.354Z

Last Modified :

2025-12-17T15:58:33.781Z

Source :

google_android
AFFECTED PRODUCTS

The following products are affected by CVE-2025-48622 vulnerability.

Vendors Products
Google
  • Android
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-48622.

URL Resource
https://android.googlesource.com/platform/cts/+/1bcf948f5e555ad7b9b54549698c3e569d7a0af5 cve-icon cve-icon
https://android.googlesource.com/platform/external/dng_sdk/+/de700ad461e35af50b28b861943a0b0753b10929 cve-icon cve-icon
https://android.googlesource.com/platform/external/skia/+/40c3f0a50fb9b47f543be0949f9004e77510f494 cve-icon cve-icon
https://source.android.com/security/bulletin/2025-12-01 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact