ГлавнаяУязвимости → CVE-2025-0081
7.5высокая

CVE-2025-0081

Описание

In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Затрагиваемое ПО
Google Android
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://android.googlesource.com/platform/external/dng_sdk/+/7fc02c8d5af37c97b325dc2956f4a6117c145c2fhttps://source.android.com/security/bulletin/2025-03-01