Description
In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184.
Published: 2026-03-02
Score: 4.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Denial of Service
Action: Immediate Patch
AI Analysis

Impact

This vulnerability arises from a race condition in MediaTek's Media Data Distribution Protocol (MDDP) that can cause a system crash. The crash produces a denial-of-service condition that interrupts operation of the affected device. Because the flaw occurs at the system level, the impact is limited to the local device but results in the loss of all services provided by the affected component.

Affected Systems

The flaw is present on a broad range of MediaTek chipsets, including the MT6835, MT6855, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT6993, MT8188, MT8678, MT8755, MT8771, MT8797, and MT8798. Devices running Android 14, 15, or 16 that incorporate these chipsets are vulnerable as well.

Risk and Exploitability

The CVSS score of 4.4 indicates medium severity for this denial-of-service condition. The EPSS score of less than 1% implies a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local, privileged access to the system and does not require any user interaction. Once a malicious actor has obtained system privileges, they can trigger the race condition to induce a crash, potentially compromising device availability.

Generated by OpenCVE AI on April 16, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the firmware patch identified as ALPS10289875 from MediaTek or the device manufacturer.
  • To reduce exposure, disable the Media Data Distribution Protocol (MDDP) service if the device does not require it.
  • Limit local privileged access by configuring role‑based access controls to prevent malicious actors from obtaining system privileges.



Advisories

No advisories yet.

History

Thu, 16 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Title Race Condition in MediaTek MDDP Leading to Local Denial of Service

Tue, 03 Mar 2026 13:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Mediatek
Mediatek mt6835
Mediatek mt6855
Mediatek mt6878
Mediatek mt6879
Mediatek mt6883
Mediatek mt6885
Mediatek mt6886
Mediatek mt6889
Mediatek mt6893
Mediatek mt6895
Mediatek mt6897
Mediatek mt6899
Mediatek mt6983
Mediatek mt6985
Mediatek mt6989
Mediatek mt6991
Mediatek mt6993
Mediatek mt8188
Mediatek mt8678
Mediatek mt8755
Mediatek mt8771
Mediatek mt8797
Mediatek mt8798
CPEs cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
Vendors & Products Google
Google android
Mediatek
Mediatek mt6835
Mediatek mt6855
Mediatek mt6878
Mediatek mt6879
Mediatek mt6883
Mediatek mt6885
Mediatek mt6886
Mediatek mt6889
Mediatek mt6893
Mediatek mt6895
Mediatek mt6897
Mediatek mt6899
Mediatek mt6983
Mediatek mt6985
Mediatek mt6989
Mediatek mt6991
Mediatek mt6993
Mediatek mt8188
Mediatek mt8678
Mediatek mt8755
Mediatek mt8771
Mediatek mt8797
Mediatek mt8798

Mon, 02 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1: {'score': 4.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 02 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
Description In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184.
Weaknesses CWE-367
References

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-03-30T13:06:14.965Z

Reserved: 2025-11-03T01:30:59.012Z

Link: CVE-2026-20445

Vulnrichment

Updated: 2026-03-02T13:21:39.775Z

NVD

Status: Analyzed

Published: 2026-03-02T09:16:18.007

Modified: 2026-03-03T12:57:06.617

Link: CVE-2026-20445

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T14:45:25Z
