CVE-2026-0128

Summary

In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Affected Software

VendorProductVersion RangeStatus
GoogleAndroidAndroid kernelaffected

Weaknesses

  • Information disclosure

References