Vulnerabilites related to mediatek - mt2601
cve-2022-21775
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
Summary
In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T02:53:35.958Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/July-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Android 11.0, 12.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-06T13:07:19",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/July-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-21775",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Android 11.0, 12.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/July-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/July-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-21775",
      datePublished: "2022-07-06T13:07:19",
      dateReserved: "2021-11-26T00:00:00",
      dateUpdated: "2024-08-03T02:53:35.958Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-20073
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T02:02:30.970Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://corp.mediatek.com/product-security-bulletin/April-2022",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
               vendor: "MediaTek, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Android 10.0, 11.0, 12.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of Privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-11T19:38:05",
            orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
            shortName: "MediaTek",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://corp.mediatek.com/product-security-bulletin/April-2022",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mediatek.com",
               ID: "CVE-2022-20073",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Android 10.0, 11.0, 12.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "MediaTek, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of Privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://corp.mediatek.com/product-security-bulletin/April-2022",
                     refsource: "MISC",
                     url: "https://corp.mediatek.com/product-security-bulletin/April-2022",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
      assignerShortName: "MediaTek",
      cveId: "CVE-2022-20073",
      datePublished: "2022-04-11T19:38:05",
      dateReserved: "2021-10-12T00:00:00",
      dateUpdated: "2024-08-03T02:02:30.970Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Summary
In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2601:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8672BC44-8E6C-4A5A-A817-28B7387542D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "809FEAD7-F02B-48A9-B442-28B46C7806C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3CE2FC35-716A-4706-97BA-5DB165041580",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4452EFCF-5733-40A0-8726-F8E33E569411",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.",
      },
      {
         lang: "es",
         value: "En sched driver, Se presenta un posible uso de memoria previamente liberada debido a un bloqueo inapropiado. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del parche: ALPS06479032; ID de incidencia: ALPS06479032",
      },
   ],
   id: "CVE-2022-21775",
   lastModified: "2024-11-21T06:45:24.827",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-06T14:15:17.693",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/July-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/July-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-667",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Summary
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D558D965-FA70-4822-A770-419E73BA9ED3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:mediatek:mt2601:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8672BC44-8E6C-4A5A-A817-28B7387542D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C82E144B-0BAD-47E1-A657-3A5880988FE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D2ED140-C41B-418B-9DC7-8C486304E769",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3CE2FC35-716A-4706-97BA-5DB165041580",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4452EFCF-5733-40A0-8726-F8E33E569411",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.",
      },
      {
         lang: "es",
         value: "En preloader (usb), se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. Esto podría conllevar a una escalada local de privilegios, para un atacante que tenga acceso físico al dispositivo, sin ser necesarios privilegios de ejecución adicionales. Es requerida una interacción del usuario para su explotación. ID del Parche: ALPS06160841; ID de Incidencia: ALPS06160841",
      },
   ],
   id: "CVE-2022-20073",
   lastModified: "2024-11-21T06:42:05.110",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.4,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 6.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.7,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-11T20:15:19.147",
   references: [
      {
         source: "security@mediatek.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/April-2022",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://corp.mediatek.com/product-security-bulletin/April-2022",
      },
   ],
   sourceIdentifier: "security@mediatek.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-191",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}