The aoc_ipc_core is a component of the Android Open Source Project (AOSP). It's responsible for IPC (Inter-Process Communication) between different Android components. This vulnerability allows attackers to execute arbitrary code on an Android device by exploiting a possible out-of-bounds read in the aoc_ipc_core.c file.
Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.
Upgrade to Android 2025-12-05 or later.
Maven: Update your build.gradle dependency version
If immediate upgrade isn't possible:
- Restrict network access to your device (firewall it from the public internet)
- Audit IPC-related activity for suspicious patterns
- Monitor for unauthorized IPC creation