CVE-2025-20640

MEDIUM Year: 2025
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291146; Issue ID: MSV-2059.

Related Vulnerabilities

CVE-2014-8716

MEDIUM
CVSS:6.2(Medium)

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).

CWE-1252014

CVE-2017-13290

MEDIUM
CVSS:6.2(Medium)

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges ...

CWE-1252017

CVE-2017-13321

MEDIUM
CVSS:6.2(Medium)

In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local i...

CWE-1252017

CVE-2018-9435

MEDIUM
CVSS:6.2(Medium)

In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges ne...

CWE-1252018

CVE-2021-47244

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp (mptcp_get_options) could read one byte out of boun...

CWE-1252021

CVE-2023-21118

MEDIUM
CVSS:6.2(Medium)

In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed....

CWE-1252023