CVE-2026-0131 | In RtpPacket::decodePacket, there is a possible out of bound… | CVSS 7.3 HIGH

Description

In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Metadata

CVE ID: CVE-2026-0131
State: PUBLISHED
Assigner: Google_Devices
Reserved: 2025-10-23 08:43 UTC
Published: 2026-06-16 18:51 UTC
Last updated: 2026-06-17 03:56 UTC
Primary CWE: CWE-125
CWE-125 Out-of-bounds Read
Vendor / Product: Google / Android
Sources: cve.org · NVD

Severity & Metrics

7.3 HIGH CVSS 3.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
Google	Android	—	Android kernel

Weakness (CWE)

CWE	Source	Description
—	cna	Elevation of privilege
CWE-125	adp	CWE-125 Out-of-bounds Read
CWE-190	adp	CWE-190 Integer Overflow or Wraparound

CVSS scores (1)

Score	Severity	Version	Source	Vector
7.3	HIGH	3.1	adp	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References (1)

https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01