In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996886; Issue ID: MSV-1626.
History

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek
Mediatek mt6768
Mediatek mt6779
Mediatek mt6781
Mediatek mt6785
Mediatek mt6833
Mediatek mt6853
Mediatek mt6873
Mediatek mt6877
Mediatek mt6885
Mediatek mt6893
Mediatek mt8188
Mediatek mt8532
Mediatek mt8675
Mediatek mt8766
Mediatek mt8768
Mediatek mt8781
Mediatek mt8786
Mediatek mt8788
CPEs cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
Vendors & Products Mediatek
Mediatek mt6768
Mediatek mt6779
Mediatek mt6781
Mediatek mt6785
Mediatek mt6833
Mediatek mt6853
Mediatek mt6873
Mediatek mt6877
Mediatek mt6885
Mediatek mt6893
Mediatek mt8188
Mediatek mt8532
Mediatek mt8675
Mediatek mt8766
Mediatek mt8768
Mediatek mt8781
Mediatek mt8786
Mediatek mt8788
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 07 Oct 2024 02:45:00 +0000

Type Values Removed Values Added
Description In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996886; Issue ID: MSV-1626.
Weaknesses CWE-787
References

cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-10-07T02:35:25.007Z

Updated: 2024-10-07T13:30:22.248Z

Reserved: 2023-11-02T13:35:35.175Z

Link: CVE-2024-20098

cve-icon Vulnrichment

Updated: 2024-10-07T13:29:33.712Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-07T03:15:03.127

Modified: 2024-10-07T19:36:42.660

Link: CVE-2024-20098

cve-icon Redhat

No data.