ASB-A-335387175

See a problem?

Import Source

https://storage.googleapis.com/android-osv-test/ASB-A-335387175.json

JSON Data

https://api.test.osv.dev/v1/vulns/ASB-A-335387175

Aliases

A-335387175
CVE-2025-22419

Published

2025-04-01T00:00:00Z

Modified

2025-04-07T20:27:14.147686Z

Summary

[none]

Details

In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

References

https://source.android.com/security/bulletin/2025-04-01

Affected packages

Android / platform/packages/services/Telephony

Package

Name: platform/packages/services/Telephony

Affected ranges

Type: ECOSYSTEM
Events: Introduced

15-next:0

Fixed

15-next:2025-04-01

Affected versions

Other

15-next

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telephony/+/46e18ac57da3ac50271fc2be5b20bd7799637eae"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telephony

Package

Name: platform/packages/services/Telephony

Affected ranges

Type: ECOSYSTEM
Events: Introduced

15:0

Fixed

15:2025-04-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telephony/+/5b543fefa148900c8cff77cef143bede0a8f49b9"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telephony

Package

Name: platform/packages/services/Telephony

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2025-04-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telephony/+/77b3027a706b8d5a92e1375c84b0f273bb5ca916"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telephony

Package

Name: platform/packages/services/Telephony

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14:0

Fixed

14:2025-04-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telephony/+/7fef8a3a84a138b29a5ffeae5da72a6b39fe448a"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}