CVE-2025-36922_CVE-2025-36922

6.7 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

In bigo_map of bigo_iommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation.

Basic Information

ID CVE-2025-36922

Source Google_Devices

Published Dec 11, 2025 at 19:35

Modified Dec 11, 2025 at 20:58

Affected Product

Vendor Google

Product Android

Version Android kernel

Affected Versions Google Android Android kernel

CWE Classification

CWE-416

References

source.android.com /security/bulletin/pixel/2025-12-01

{
    "lastseen": "",
    "description": "In bigo_map of bigo_iommu.c, there is a possible information disclosure  due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation.",
    "published": "2025-12-11T19:35:37.661Z",
    "modified": "2025-12-11T20:58:26.397Z",
    "type": "cve",
    "title": "CVE-2025-36922",
    "source": "Google_Devices",
    "references": "https://source.android.com/security/bulletin/pixel/2025-12-01",
    "id": "CVE-2025-36922",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "Google Android Android kernel",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Android",
    "version": "Android kernel",
    "vendor": "Google",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}