5.5

CVE-2025-26456

In multiple functions of DexUseManagerLocal.java, there is a possible way to crash system server due to a logic error in the code. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version14.0
GoogleAndroid Version15.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.09% 0.007
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-703 Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

https://source.android.com/security/bulletin/2025-06-01
Vendor Advisory
https://android.googlesource.com/platform/art/+/1aedae6e1049aa794b3554183bf07634c8fa291b
Product
https://android.googlesource.com/platform/art/+/3c76194d116bad95e11bda345feaedda6c02c8b4
Product
https://android.googlesource.com/platform/art/+/06a99377e368b688dbeb4e6bb11b6e1dfca8bb70
Product