In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2041.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| MediaTek, Inc. | MT2737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6980, MT6985, MT6989, MT6990, MT8370, MT8390, MT8676 | affected |
|
Configuration 1 [-]
| AND |
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Google
Subscribe
|
Android
Subscribe
|
|
Linuxfoundation
Subscribe
|
Yocto
Subscribe
|
|
Mediatek
Subscribe
|
Mt2737
Subscribe
Mt6739
Subscribe
Mt6761
Subscribe
Mt6765
Subscribe
Mt6768
Subscribe
Mt6771
Subscribe
Mt6779
Subscribe
Mt6781
Subscribe
Mt6785
Subscribe
Mt6789
Subscribe
Mt6833
Subscribe
Mt6835
Subscribe
Mt6853
Subscribe
Mt6855
Subscribe
Mt6873
Subscribe
Mt6877
Subscribe
Mt6878
Subscribe
Mt6879
Subscribe
Mt6880
Subscribe
Mt6885
Subscribe
Mt6886
Subscribe
Mt6890
Subscribe
Mt6893
Subscribe
Mt6895
Subscribe
Mt6897
Subscribe
Mt6980
Subscribe
Mt6985
Subscribe
Mt6989
Subscribe
Mt6990
Subscribe
Mt8370
Subscribe
Mt8390
Subscribe
Mt8676
Subscribe
|
|
Openwrt
Subscribe
|
Openwrt
Subscribe
|
|
Rdkcentral
Subscribe
|
Rdk-b
Subscribe
|
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 22 Apr 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Google
Google android Linuxfoundation Linuxfoundation yocto Mediatek Mediatek mt2737 Mediatek mt6739 Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6771 Mediatek mt6779 Mediatek mt6781 Mediatek mt6785 Mediatek mt6789 Mediatek mt6833 Mediatek mt6835 Mediatek mt6853 Mediatek mt6855 Mediatek mt6873 Mediatek mt6877 Mediatek mt6878 Mediatek mt6879 Mediatek mt6880 Mediatek mt6885 Mediatek mt6886 Mediatek mt6890 Mediatek mt6893 Mediatek mt6895 Mediatek mt6897 Mediatek mt6980 Mediatek mt6985 Mediatek mt6989 Mediatek mt6990 Mediatek mt8370 Mediatek mt8390 Mediatek mt8676 Openwrt Openwrt openwrt Rdkcentral Rdkcentral rdk-b |
|
| CPEs | cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:* cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:* cpe:2.3:a:rdkcentral:rdk-b:2024q1:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:23.05:*:*:*:*:*:*:* |
|
| Vendors & Products |
Google
Google android Linuxfoundation Linuxfoundation yocto Mediatek Mediatek mt2737 Mediatek mt6739 Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6771 Mediatek mt6779 Mediatek mt6781 Mediatek mt6785 Mediatek mt6789 Mediatek mt6833 Mediatek mt6835 Mediatek mt6853 Mediatek mt6855 Mediatek mt6873 Mediatek mt6877 Mediatek mt6878 Mediatek mt6879 Mediatek mt6880 Mediatek mt6885 Mediatek mt6886 Mediatek mt6890 Mediatek mt6893 Mediatek mt6895 Mediatek mt6897 Mediatek mt6980 Mediatek mt6985 Mediatek mt6989 Mediatek mt6990 Mediatek mt8370 Mediatek mt8390 Mediatek mt8676 Openwrt Openwrt openwrt Rdkcentral Rdkcentral rdk-b |
Mon, 06 Jan 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 06 Jan 2025 03:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2041. | |
| Weaknesses | CWE-787 | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: MediaTek
Published:
Updated: 2025-01-06T14:18:57.284Z
Reserved: 2023-11-02T13:35:35.185Z
Link: CVE-2024-20144
Vulnrichment
Updated: 2025-01-06T14:18:49.212Z
NVD
Status : Analyzed
Published: 2025-01-06T04:15:06.743
Modified: 2025-04-22T13:50:01.453
Link: CVE-2024-20144
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses