CVE-2026-0141

Vulnerability

In decodeAppPacket of RtcpAppPacket.cpp, a missing bounds check allows an out-of-bounds (OOB) read. This affects supported Pixel devices with security patch levels prior to 2026-06-05 (the June 2026 Pixel Update Bulletin). The vulnerable code path is reachable via crafted network packets processed by the affected component.

Exploitation

An attacker can exploit this vulnerability by sending a specially crafted packet to a vulnerable Pixel device over the network. No authentication or user interaction is required for exploitation, and the attack can be performed remotely.

Impact

Successful exploitation results in remote information disclosure. The attacker can read out-of-bounds memory, potentially leaking sensitive data from the device's memory. The vulnerability does not grant additional execution privileges, but the disclosure can compromise confidentiality.

Mitigation

Google released a fix as part of the 2026-06-05 security patch level for Pixel devices, as documented in the Pixel Update Bulletin—June 2026 [1]. Affected users should update their devices to this patch level or later. No workaround is available; updating is the only mitigation.