The first bug in the chain is CVE-2025-54957, a memory corruption bug in the Dolby Unified Decoder, an audio codec integrated by most Android devices’ OEMs. It is 0-click because incoming SMS and RCS audio messages are automatically transcribed by the system.
The second bug, CVE-2025-36934, is a driver UaF which only affects the Pixel 9, but Project Zero has found many other bugs with similar impact affecting other devices over the past couple years.
If you have a fediverse account, you can quote this note from your own instance. Search https://infosec.exchange/users/natashenka/statuses/115901129680574896 on your instance and quote it. (Note that quoting is not supported in Mastodon.)