OpenCVE

In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android
Linux	Linux Kernel
Mediatek	Mt9011 Mt9215 Mt9216 Mt9220 Mt9221 Mt9255 Mt9256 Mt9266 Mt9269 Mt9285 Mt9286 Mt9288 Mt9600 Mt9602 Mt9610 Mt9611 Mt9612 Mt9613 Mt9615 Mt9617 Mt9629 Mt9630 Mt9631 Mt9632 Mt9636 Mt9638 Mt9639 Mt9650 Mt9652 Mt9666 Mt9669 Mt9670 Mt9675 Mt9685 Mt9686 Mt9688

Configuration 1 [-]

AND

OR	cpe:2.3:o:google:android:9.0:::::::*
	cpe:2.3:o:google:android:10.0:::::::*
	cpe:2.3:o:google:android:11.0:::::::*

OR	cpe:2.3:h:mediatek:mt9011:-:::::::*
	cpe:2.3:h:mediatek:mt9215:-:::::::*
	cpe:2.3:h:mediatek:mt9216:-:::::::*
	cpe:2.3:h:mediatek:mt9220:-:::::::*
	cpe:2.3:h:mediatek:mt9221:-:::::::*
	cpe:2.3:h:mediatek:mt9255:-:::::::*
	cpe:2.3:h:mediatek:mt9256:-:::::::*
	cpe:2.3:h:mediatek:mt9266:-:::::::*
	cpe:2.3:h:mediatek:mt9269:-:::::::*
	cpe:2.3:h:mediatek:mt9285:-:::::::*
	cpe:2.3:h:mediatek:mt9286:-:::::::*
	cpe:2.3:h:mediatek:mt9288:-:::::::*
	cpe:2.3:h:mediatek:mt9600:-:::::::*
	cpe:2.3:h:mediatek:mt9602:-:::::::*
	cpe:2.3:h:mediatek:mt9610:-:::::::*
	cpe:2.3:h:mediatek:mt9611:-:::::::*
	cpe:2.3:h:mediatek:mt9612:-:::::::*
	cpe:2.3:h:mediatek:mt9613:-:::::::*
	cpe:2.3:h:mediatek:mt9615:-:::::::*
	cpe:2.3:h:mediatek:mt9617:-:::::::*
	cpe:2.3:h:mediatek:mt9629:-:::::::*
	cpe:2.3:h:mediatek:mt9630:-:::::::*
	cpe:2.3:h:mediatek:mt9631:-:::::::*
	cpe:2.3:h:mediatek:mt9632:-:::::::*
	cpe:2.3:h:mediatek:mt9636:-:::::::*
	cpe:2.3:h:mediatek:mt9638:-:::::::*
	cpe:2.3:h:mediatek:mt9639:-:::::::*
	cpe:2.3:h:mediatek:mt9650:-:::::::*
	cpe:2.3:h:mediatek:mt9652:-:::::::*
	cpe:2.3:h:mediatek:mt9666:-:::::::*
	cpe:2.3:h:mediatek:mt9669:-:::::::*
	cpe:2.3:h:mediatek:mt9670:-:::::::*
	cpe:2.3:h:mediatek:mt9675:-:::::::*
	cpe:2.3:h:mediatek:mt9685:-:::::::*
	cpe:2.3:h:mediatek:mt9686:-:::::::*
	cpe:2.3:h:mediatek:mt9688:-:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:linux:linux_kernel:4.9:::::::*
	cpe:2.3:o:linux:linux_kernel:4.19:::::::*

OR	cpe:2.3:h:mediatek:mt9011:-:::::::*
	cpe:2.3:h:mediatek:mt9215:-:::::::*
	cpe:2.3:h:mediatek:mt9216:-:::::::*
	cpe:2.3:h:mediatek:mt9220:-:::::::*
	cpe:2.3:h:mediatek:mt9221:-:::::::*
	cpe:2.3:h:mediatek:mt9255:-:::::::*
	cpe:2.3:h:mediatek:mt9256:-:::::::*
	cpe:2.3:h:mediatek:mt9266:-:::::::*
	cpe:2.3:h:mediatek:mt9269:-:::::::*
	cpe:2.3:h:mediatek:mt9285:-:::::::*
	cpe:2.3:h:mediatek:mt9286:-:::::::*
	cpe:2.3:h:mediatek:mt9288:-:::::::*
	cpe:2.3:h:mediatek:mt9600:-:::::::*
	cpe:2.3:h:mediatek:mt9602:-:::::::*
	cpe:2.3:h:mediatek:mt9610:-:::::::*
	cpe:2.3:h:mediatek:mt9611:-:::::::*
	cpe:2.3:h:mediatek:mt9612:-:::::::*
	cpe:2.3:h:mediatek:mt9613:-:::::::*
	cpe:2.3:h:mediatek:mt9615:-:::::::*
	cpe:2.3:h:mediatek:mt9617:-:::::::*
	cpe:2.3:h:mediatek:mt9629:-:::::::*
	cpe:2.3:h:mediatek:mt9630:-:::::::*
	cpe:2.3:h:mediatek:mt9631:-:::::::*
	cpe:2.3:h:mediatek:mt9632:-:::::::*
	cpe:2.3:h:mediatek:mt9636:-:::::::*
	cpe:2.3:h:mediatek:mt9638:-:::::::*
	cpe:2.3:h:mediatek:mt9639:-:::::::*
	cpe:2.3:h:mediatek:mt9650:-:::::::*
	cpe:2.3:h:mediatek:mt9652:-:::::::*
	cpe:2.3:h:mediatek:mt9666:-:::::::*
	cpe:2.3:h:mediatek:mt9669:-:::::::*
	cpe:2.3:h:mediatek:mt9670:-:::::::*
	cpe:2.3:h:mediatek:mt9675:-:::::::*
	cpe:2.3:h:mediatek:mt9685:-:::::::*
	cpe:2.3:h:mediatek:mt9686:-:::::::*
	cpe:2.3:h:mediatek:mt9688:-:::::::*

No data.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/May-2022

History

No history.

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2022-05-03T20:05:51

Updated: 2024-08-03T02:02:30.677Z

Reserved: 2021-10-12T00:00:00

Link: CVE-2022-20107

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-05-03T21:15:09.213

Modified: 2024-11-21T06:42:10.187

Link: CVE-2022-20107

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object