In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
https://www.securityweek.com/androids-december-2024-security-update-patches-14-vulnerabilities/
https://source.android.com/security/bulletin/2024-12-01
https://android.googlesource.com/platform/external/skia/+/796c2040f641bb287dba66c9823ce45e9f8b5807