{"id":"ASB-A-373638114", "published":"2025-03-01T00:00:00Z", "modified":"2026-04-29T15:10:00.007170452Z", "aliases":["CVE-2025-22413", "A-373638114"], "details":"In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":":linux_kernel:", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":":0"}, {"fixed":":2025-03-05"}]}], "versions":["Kernel"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/1a3366f0d3d9b94a8c025d9863edc3b427435c4c", "https://android.googlesource.com/kernel/common/+/add3d68602a0c48ed2d5659f0cf26d869776ab35"], "severity":"High", "spl":"2025-03-05", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"6612826506756150171725956826780828467", "length":512}, "id":"ASB-A-373638114-1a658daa", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/kernel/common/+/add3d68602a0c48ed2d5659f0cf26d869776ab35", "target":{"file":"arch/arm64/kvm/hyp/nvhe/hyp-main.c", "function":"handle___kvm_vcpu_run"}}, {"deprecated":false, "digest":{"function_hash":"6612826506756150171725956826780828467", "length":512}, "id":"ASB-A-373638114-277f8b35", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/kernel/common/+/1a3366f0d3d9b94a8c025d9863edc3b427435c4c", "target":{"file":"arch/arm64/kvm/hyp/nvhe/hyp-main.c", "function":"handle___kvm_vcpu_run"}}, {"deprecated":false, "digest":{"line_hashes":["88806487874079903129932328106404966041", "192608094885790267886802684299369199796", "37046479976891882149375872543523566445", "166722324875833711955036644161891583204", "59496392083652247504463708794120173392", "33932093482366427293180854021950481040", "189068059293782396451140393116015011694", "53925709729284983910903683264871566247", "201543084831759698333199909933197473931", "251721975929196173730805254998025562577", "263035614853255340998385577026896881639", "91085910657237868778890481738821299453", "161599105729585692481879944017378241589", "337080295458693975985373773423197310154", "255909480030532430153738347682455354819", "144216150692101086188934081520817539599", "74031601620163822489627961477861841251", "111604734531736771629519158137139276346", "227243364153970874742953449006592725522"], "threshold":0.9}, "id":"ASB-A-373638114-81a6bc7b", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/kernel/common/+/add3d68602a0c48ed2d5659f0cf26d869776ab35", "target":{"file":"arch/arm64/kvm/hyp/nvhe/hyp-main.c"}}, {"deprecated":false, "digest":{"function_hash":"148454252575681090957833428128627055637", "length":1076}, "id":"ASB-A-373638114-9eb2130f", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/kernel/common/+/1a3366f0d3d9b94a8c025d9863edc3b427435c4c", "target":{"file":"arch/arm64/kvm/hyp/nvhe/hyp-main.c", "function":"flush_hyp_vcpu"}}, {"deprecated":false, "digest":{"line_hashes":["88806487874079903129932328106404966041", "192608094885790267886802684299369199796", "37046479976891882149375872543523566445", "166722324875833711955036644161891583204", "59496392083652247504463708794120173392", "33932093482366427293180854021950481040", "189068059293782396451140393116015011694", "53925709729284983910903683264871566247", "201543084831759698333199909933197473931", "251721975929196173730805254998025562577", "263035614853255340998385577026896881639", "91085910657237868778890481738821299453", "161599105729585692481879944017378241589", "337080295458693975985373773423197310154", "255909480030532430153738347682455354819", "144216150692101086188934081520817539599", "74031601620163822489627961477861841251", "111604734531736771629519158137139276346", "227243364153970874742953449006592725522"], "threshold":0.9}, "id":"ASB-A-373638114-c17614d0", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/kernel/common/+/1a3366f0d3d9b94a8c025d9863edc3b427435c4c", "target":{"file":"arch/arm64/kvm/hyp/nvhe/hyp-main.c"}}, {"deprecated":false, "digest":{"function_hash":"148454252575681090957833428128627055637", "length":1076}, "id":"ASB-A-373638114-c4e3c51d", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/kernel/common/+/add3d68602a0c48ed2d5659f0cf26d869776ab35", "target":{"file":"arch/arm64/kvm/hyp/nvhe/hyp-main.c", "function":"flush_hyp_vcpu"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2025-03-01"}, {"type":"FIX", "url":"https://android.googlesource.com/kernel/common/+/1a3366f0d3d9b94a8c025d9863edc3b427435c4c"}, {"type":"FIX", "url":"https://android.googlesource.com/kernel/common/+/add3d68602a0c48ed2d5659f0cf26d869776ab35"}]}