Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
Out-of-bounds write vulnerability in UsageEvents.java
CVE-2025-32313
ASB-A-399155883
Summary
A bug in UsageEvents.java could allow an attacker to gain higher access to your system by exploiting an incorrect check in the code. This means an attacker might be able to access sensitive information or take actions they shouldn't be able to, without requiring any user interaction. Update the UsageEvents.java code to fix the issue.
What to do
- Update google platform/frameworks/base to version 16-qpr2-next:2026-03-01.
- Update google platform/frameworks/native to version 16-qpr2-next:2026-03-01.
- Update google platform/frameworks/base to version 15:2026-03-01.
- Update google platform/frameworks/native to version 15:2026-03-01.
- Update google platform/frameworks/base to version 16:2026-03-01.
- Update google platform/frameworks/base to version 14:2026-03-01.
- Update google platform/frameworks/native to version 14:2026-03-01.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | 14.0 | – | |
| android | 15.0 | – | |
| android | 16.0 | – | |
| platform/frameworks/base | > 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 | |
| platform/frameworks/native | > 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 | |
| platform/frameworks/base | > 15:0 , <= 15:2026-03-01 | 15:2026-03-01 | |
| platform/frameworks/native | > 15:0 , <= 15:2026-03-01 | 15:2026-03-01 | |
| platform/frameworks/base | > 16:0 , <= 16:2026-03-01 | 16:2026-03-01 | |
| platform/frameworks/base | > 14:0 , <= 14:2026-03-01 | 14:2026-03-01 | |
| platform/frameworks/native | > 14:0 , <= 14:2026-03-01 | 14:2026-03-01 |
Original title
In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privilege...
Original description
In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
8.4
Vulnerability type
CWE-787
Out-of-bounds Write
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026