Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AnalysisAI
Persistent denial of service and local privilege escalation in Google Android's UBSan runtime component affect Android 14, 15, 16-qpr2, and 16, stemming from an integer overflow in multiple functions of ubsan_throwing_runtime.cpp. An authenticated local attacker with low-level privileges and no required user interaction can exploit this overflow to trigger persistent availability loss and, per the description, possible privilege escalation. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Technical ContextAI
The vulnerability resides in ubsan_throwing_runtime.cpp, a component of Android's Undefined Behavior Sanitizer (UBSan) runtime - a compiler-instrumented safety layer that detects and handles undefined behavior such as out-of-bounds accesses and signed integer overflows at runtime. CWE-190 (Integer Overflow or Wraparound) describes the root cause: arithmetic operations on integer values exceed the representable range of the data type, causing the result to wrap around to an unintended value. In the context of a runtime support library managing exception dispatch and sanitizer signal handling, such overflows can corrupt internal state or size calculations governing memory operations, potentially enabling both persistent denial of service and privilege escalation. The affected CPE (cpe:2.3:a:google:android:*:*:*:*:*:*:*:*) spans multiple Android release branches as enumerated by EUVD-2026-33774.
RemediationAI
Apply patches included in Google's Android Security Bulletin for 2026-06-01, available at https://source.android.com/docs/security/bulletin/2026/2026-06-01. OEM and carrier distributions should incorporate these patches into over-the-air updates; device owners should apply pending system updates promptly. Note that an exact patched build version number was not independently confirmed from the available reference data - consult the bulletin directly for specific patch level identifiers. If immediate patching is not feasible, restricting untrusted local code execution, enforcing strict app sandboxing policies, and limiting interactive shell access to the device reduce exposure, though none of these controls eliminate the underlying vulnerability. Enterprise MDM policies enforcing minimum Android security patch levels can serve as a compensating detection and enforcement control while OEM rollouts are pending.
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33774
GHSA-xr2g-57fm-4f25