Common Weakness Enumeration

CWE-703

Discouraged

Improper Check or Handling of Exceptional Conditions

Abstraction: Pillar · Status: Incomplete

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

212 vulnerabilities reference this CWE, most recent first.

GHSA-XR72-MPJ5-G8P2

Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2025-09-05 21:32
VLAI
Details

In multiple functions of DexUseManagerLocal.java, there is a possible way to crash system server due to a logic error in the code. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-26456"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-703"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-04T18:15:45Z",
    "severity": "MODERATE"
  },
  "details": "In multiple functions of DexUseManagerLocal.java, there is a possible way to crash system server due to a logic error in the code. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-xr72-mpj5-g8p2",
  "modified": "2025-09-05T21:32:36Z",
  "published": "2025-09-05T18:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26456"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/art/+/06a99377e368b688dbeb4e6bb11b6e1dfca8bb70"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/art/+/1aedae6e1049aa794b3554183bf07634c8fa291b"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/art/+/3c76194d116bad95e11bda345feaedda6c02c8b4"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2025-06-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XX9Q-649R-GP4M

Vulnerability from github – Published: 2025-08-27 00:31 – Updated: 2025-08-27 15:33
VLAI
Details

In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-22413"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-703"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-26T23:15:34Z",
    "severity": "MODERATE"
  },
  "details": "In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-xx9q-649r-gp4m",
  "modified": "2025-08-27T15:33:15Z",
  "published": "2025-08-27T00:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22413"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/kernel/common/+/1a3366f0d3d9b94a8c025d9863edc3b427435c4c"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/kernel/common/+/add3d68602a0c48ed2d5659f0cf26d869776ab35"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2025-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.