CVE-2025-22438: 
NixOS vulnerability analysis and mitigation

CVE-2025-22438 is a vulnerability discovered in Android's InputDispatcher.cpp component, specifically in the afterKeyEventLockedInterruptable function. The vulnerability was disclosed in April 2025 and affects Android versions 13 and 14. This security flaw represents a potential use-after-free condition that could lead to local privilege escalation (Android Security, Debian Tracker).

The vulnerability exists in the afterKeyEventLockedInterruptable function of InputDispatcher.cpp. The issue occurs when the function releases a lock and calls into policy, during which time a call to removeInputChannel might occur, causing the waitQueue to be drained. This can result in a use-after-free condition where the dispatchEntry stored in the queue would be deleted, potentially leading to accessing freed memory (Android Source). The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (AttackerKB).

The vulnerability can lead to local privilege escalation on affected Android devices. No additional execution privileges are needed for exploitation, and user interaction is not required. This makes the vulnerability particularly concerning as it could allow an attacker to gain elevated privileges on the system (Debian Tracker).

Google has released a patch that modifies the InputDispatcher.cpp to ensure objects remain valid after calling policy. The fix includes making changes to maintain strong pointers to connection objects and properly handling data after lock release (Android Source).