Security researchers at Google Project Zero have disclosed a complete zero-click exploit chain affecting Google Pixel 9 smartphones, chaining vulnerabilities in the Dolby audio decoder and kernel driver to achieve code execution and privilege escalation without any user interaction.
The exploit leverages three distinct vulnerabilities: CVE-2025-54957 in the Dolby Unified Decoder, CVE-2025-36934 in a kernel driver accessible from the sandbox, and a third undisclosed vector.
Researcher Natalie Silvanovich revealed that AI-powered mobile features, particularly automatic audio transcription, have dramatically expanded the zero-click attack surface on Android devices.
Google Messages now automatically decodes incoming SMS and RCS audio attachments without user interaction, making audio decoders prime targets for zero-click exploitation.
| CVE ID | Component | Vulnerability Type | CVSS Score | Impact |
|---|---|---|---|---|
| CVE-2025-54957 | Dolby Unified Decoder (libcodec2_soft_ddpdec.so) | Integer Overflow in EMDF Parsing | 9.8 | Arbitrary code execution in mediacodec context |
| CVE-2025-36934 | Kernel Driver (Pixel 9) | Privilege Escalation | 9.8 | Privilege escalation from mediacodec to kernel |
| CVE-2025-49415 | Monkey’s Audio Codec | Buffer Overflow | 8.6 | Code execution in audio decoder |
Silvanovich previously documented CVE-2025-49415 affecting Samsung’s Monkey’s Audio codec, leading Google Project Zero to investigate the Dolby Unified Decoder used across most Android devices.
The Dolby Digital and Dolby Digital Plus (AC-3/EAC-3) decoders process bitstreams containing audio blocks that can trigger integer overflow during memory allocation.
Technical Vulnerability Details
The primary flaw exists in Dolby’s EMDF (Extensible Metadata Delivery Format) parsing logic. The decoder fails to properly validate the size of EMDF payload allocations on a custom heap, allowing attackers to trigger integer overflow.
When the total allocation size (payload length plus the allocator's own overhead) wraps past zero on a 64-bit system, which happens for requested lengths in the range 0xFFFFFFFFFFFFFFF9 to 0xFFFFFFFFFFFFFFFF, the allocator grants a small buffer while the subsequent write still uses the original, much larger payload length as its bound.
Critically, the vulnerability provides two exploitation primitives: a “buffer overrun capability” enabling controlled out-of-bounds writes, and a “leak capability” allowing reads beyond the initialized skip buffer.
By carefully chaining multiple syncframes (the independently decodable units within the audio stream), attackers can fill a custom heap with attacker-controlled data while maintaining control over write sizes and addresses through bitstream parameters.
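The size-wrap pattern described above, as an added illustration that is not Dolby's or Project Zero's code: a hypothetical custom-heap size computation (with an assumed 8-byte per-block header, `HDR_SIZE`) where the unchecked sum wraps to a tiny block while the copy length stays huge, beside a hardened version that rejects the wrap with overflow-checked arithmetic and a capacity bound. All names are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed per-block header on the custom heap (hypothetical, not Dolby's). */
#define HDR_SIZE ((size_t)8)

/* Vulnerable pattern: block size is payload length plus header with no
 * overflow check. With a 64-bit size_t, any payload_len within HDR_SIZE of
 * SIZE_MAX wraps to a tiny block, while the later write still uses
 * payload_len as its bound. */
size_t vuln_alloc_size(size_t payload_len) {
    return payload_len + HDR_SIZE;           /* may wrap past zero */
}

/* Models the write step: true when payload_len bytes do not fit in the data
 * area of a block of block_size bytes, i.e. the out-of-bounds write occurs. */
bool write_would_overrun(size_t block_size, size_t payload_len) {
    if (block_size < HDR_SIZE) return true;  /* no data area at all */
    return block_size - HDR_SIZE < payload_len;
}

/* Hardened: overflow-checked add plus a bound tied to the heap's capacity.
 * Returns the block size, or 0 when the request must be rejected (0 is never
 * a valid size because every block carries a header). */
size_t safe_alloc_size(size_t payload_len, size_t heap_capacity) {
    size_t total;
    if (__builtin_add_overflow(payload_len, HDR_SIZE, &total)) return 0;
    if (total > heap_capacity) return 0;
    return total;
}
```

A length of `SIZE_MAX - 6` yields a 1-byte block from `vuln_alloc_size` but is rejected by `safe_alloc_size`, which is the check the decoder's allocation path lacked.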
Project Zero successfully weaponized this vulnerability to achieve arbitrary code execution within the mediacodec sandbox on Pixel 9 devices.
The exploit chain then escapes the sandbox through a separate kernel driver vulnerability to achieve system-level privilege escalation.
Google researchers demonstrated that, while robust, modern Android security features can be circumvented when media decoder vulnerabilities are properly chained with driver exploits.
All three vulnerabilities were patched as of January 5, 2026. Project Zero is publishing a three-part technical series detailing the complete exploit methodology, with Parts 2 and 3 discussing kernel privilege escalation and broader mitigation strategies for mobile platforms.