In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700.
Metrics
Affected Vendors & Products
References
History
Mon, 07 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Google
Google android Mediatek Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6779 Mediatek mt6785 Mediatek mt6853 Mediatek mt6873 Mediatek mt6885 Mediatek mt8385 Mediatek mt8666 Mediatek mt8667 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8788 Mediatek mt8789 |
|
CPEs | cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Google
Google android Mediatek Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6779 Mediatek mt6785 Mediatek mt6853 Mediatek mt6873 Mediatek mt6885 Mediatek mt8385 Mediatek mt8666 Mediatek mt8667 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8788 Mediatek mt8789 |
|
Metrics |
cvssV3_1
|
Mon, 07 Oct 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700. | |
Weaknesses | CWE-787 | |
References |
|
MITRE
Status: PUBLISHED
Assigner: MediaTek
Published: 2024-10-07T02:35:09.608Z
Updated: 2024-10-07T13:44:00.418Z
Reserved: 2023-11-02T13:35:35.174Z
Link: CVE-2024-20092
Vulnrichment
Updated: 2024-10-07T13:43:21.375Z
NVD
Status : Awaiting Analysis
Published: 2024-10-07T03:15:02.680
Modified: 2024-10-07T19:36:41.920
Link: CVE-2024-20092
Redhat
No data.