In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.
History

Mon, 04 Nov 2024 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Mediatek
Mediatek mt6765
Mediatek mt6768
Mediatek mt6833
Mediatek mt6853
Mediatek mt6873
Mediatek mt6877
Mediatek mt6885
Mediatek mt6893
Mediatek mt8188
Mediatek mt8195
CPEs cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
Vendors & Products Google
Google android
Mediatek
Mediatek mt6765
Mediatek mt6768
Mediatek mt6833
Mediatek mt6853
Mediatek mt6873
Mediatek mt6877
Mediatek mt6885
Mediatek mt6893
Mediatek mt8188
Mediatek mt8195
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 04 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.
Weaknesses CWE-787
References

cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-11-04T01:48:45.747Z

Updated: 2024-11-04T10:53:33.541Z

Reserved: 2023-11-02T13:35:35.178Z

Link: CVE-2024-20109

cve-icon Vulnrichment

Updated: 2024-11-04T10:52:47.784Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-04T02:15:16.387

Modified: 2024-11-04T18:50:05.607

Link: CVE-2024-20109

cve-icon Redhat

No data.