In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703.
Metrics
Affected Vendors & Products
References
History
Mon, 07 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Google
Google android Mediatek Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6779 Mediatek mt6785 Mediatek mt6853 Mediatek mt6873 Mediatek mt6885 Mediatek mt8385 Mediatek mt8666 Mediatek mt8667 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8788 Mediatek mt8789 |
|
CPEs | cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Google
Google android Mediatek Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6779 Mediatek mt6785 Mediatek mt6853 Mediatek mt6873 Mediatek mt6885 Mediatek mt8385 Mediatek mt8666 Mediatek mt8667 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8788 Mediatek mt8789 |
|
Metrics |
cvssV3_1
|
Mon, 07 Oct 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703. | |
Weaknesses | CWE-787 | |
References |
|
MITRE
Status: PUBLISHED
Assigner: MediaTek
Published: 2024-10-07T02:35:05.952Z
Updated: 2024-10-07T14:05:24.427Z
Reserved: 2023-11-02T13:35:35.174Z
Link: CVE-2024-20090
Vulnrichment
Updated: 2024-10-07T14:04:34.154Z
NVD
Status : Awaiting Analysis
Published: 2024-10-07T03:15:02.430
Modified: 2024-10-07T19:36:41.627
Link: CVE-2024-20090
Redhat
No data.