OpenCVE

In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Google	Android
Linux	Linux Kernel
Mediatek	Mt5221 Mt5583 Mt5691 Mt5695 Mt9010 Mt9011 Mt9012 Mt9016 Mt9020 Mt9021 Mt9022 Mt9030 Mt9031 Mt9032 Mt9216 Mt9218 Mt9220 Mt9221 Mt9222 Mt9255 Mt9256 Mt9266 Mt9269 Mt9286 Mt9288 Mt9602 Mt9610 Mt9611 Mt9612 Mt9613 Mt9615 Mt9617 Mt9618 Mt9629 Mt9630 Mt9631 Mt9632 Mt9636 Mt9638 Mt9639 Mt9649 Mt9650 Mt9652 Mt9653 Mt9666 Mt9667 Mt9669 Mt9671 Mt9675 Mt9685 Mt9686 Mt9688

Configuration 1 [-]

AND

OR	cpe:2.3:o:google:android:10.0:::::::*
	cpe:2.3:o:google:android:11.0:::::::*
	cpe:2.3:o:linux:linux_kernel:4.19:::::::*

OR	cpe:2.3:h:mediatek:mt5221:-:::::::*
	cpe:2.3:h:mediatek:mt5583:-:::::::*
	cpe:2.3:h:mediatek:mt5691:-:::::::*
	cpe:2.3:h:mediatek:mt5695:-:::::::*
	cpe:2.3:h:mediatek:mt9010:-:::::::*
	cpe:2.3:h:mediatek:mt9011:-:::::::*
	cpe:2.3:h:mediatek:mt9012:-:::::::*
	cpe:2.3:h:mediatek:mt9016:-:::::::*
	cpe:2.3:h:mediatek:mt9020:-:::::::*
	cpe:2.3:h:mediatek:mt9021:-:::::::*
	cpe:2.3:h:mediatek:mt9022:-:::::::*
	cpe:2.3:h:mediatek:mt9030:-:::::::*
	cpe:2.3:h:mediatek:mt9031:-:::::::*
	cpe:2.3:h:mediatek:mt9032:-:::::::*
	cpe:2.3:h:mediatek:mt9216:-:::::::*
	cpe:2.3:h:mediatek:mt9218:-:::::::*
	cpe:2.3:h:mediatek:mt9220:-:::::::*
	cpe:2.3:h:mediatek:mt9221:-:::::::*
	cpe:2.3:h:mediatek:mt9222:-:::::::*
	cpe:2.3:h:mediatek:mt9255:-:::::::*
	cpe:2.3:h:mediatek:mt9256:-:::::::*
	cpe:2.3:h:mediatek:mt9266:-:::::::*
	cpe:2.3:h:mediatek:mt9269:-:::::::*
	cpe:2.3:h:mediatek:mt9286:-:::::::*
	cpe:2.3:h:mediatek:mt9288:-:::::::*
	cpe:2.3:h:mediatek:mt9602:-:::::::*
	cpe:2.3:h:mediatek:mt9610:-:::::::*
	cpe:2.3:h:mediatek:mt9611:-:::::::*
	cpe:2.3:h:mediatek:mt9612:-:::::::*
	cpe:2.3:h:mediatek:mt9613:-:::::::*
	cpe:2.3:h:mediatek:mt9615:-:::::::*
	cpe:2.3:h:mediatek:mt9617:-:::::::*
	cpe:2.3:h:mediatek:mt9618:-:::::::*
	cpe:2.3:h:mediatek:mt9629:-:::::::*
	cpe:2.3:h:mediatek:mt9630:-:::::::*
	cpe:2.3:h:mediatek:mt9631:-:::::::*
	cpe:2.3:h:mediatek:mt9632:-:::::::*
	cpe:2.3:h:mediatek:mt9636:-:::::::*
	cpe:2.3:h:mediatek:mt9638:-:::::::*
	cpe:2.3:h:mediatek:mt9639:-:::::::*
	cpe:2.3:h:mediatek:mt9649:-:::::::*
	cpe:2.3:h:mediatek:mt9650:-:::::::*
	cpe:2.3:h:mediatek:mt9652:-:::::::*
	cpe:2.3:h:mediatek:mt9653:-:::::::*
	cpe:2.3:h:mediatek:mt9666:-:::::::*
	cpe:2.3:h:mediatek:mt9667:-:::::::*
	cpe:2.3:h:mediatek:mt9669:-:::::::*
	cpe:2.3:h:mediatek:mt9671:-:::::::*
	cpe:2.3:h:mediatek:mt9675:-:::::::*
	cpe:2.3:h:mediatek:mt9685:-:::::::*
	cpe:2.3:h:mediatek:mt9686:-:::::::*
	cpe:2.3:h:mediatek:mt9688:-:::::::*

No data.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/August-2023

History

Thu, 17 Oct 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2023-08-07T03:21:58.826Z

Updated: 2024-10-17T14:27:33.720Z

Reserved: 2022-10-28T02:03:23.672Z

Link: CVE-2023-20810

Vulnrichment

Updated: 2024-08-02T09:14:41.000Z

NVD

Status : Modified

Published: 2023-08-07T04:15:14.307

Modified: 2024-11-21T07:41:34.623

Link: CVE-2023-20810

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object