Vulnerabilites related to mediatek - mt2601
cve-2022-21775
Vulnerability from cvelistv5
Published
2022-07-06 13:07
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/July-2022 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:35.958Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 11.0, 12.0", }, ], }, ], descriptions: [ { lang: "en", value: "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-06T13:07:19", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-21775", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8167, MT8167S, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797", version: { version_data: [ { version_value: "Android 11.0, 12.0", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/July-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-21775", datePublished: "2022-07-06T13:07:19", dateReserved: "2021-11-26T00:00:00", dateUpdated: "2024-08-03T02:53:35.958Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20073
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 02:02
Severity ?
EPSS score ?
Summary
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.
References
▼ | URL | Tags |
---|---|---|
https://corp.mediatek.com/product-security-bulletin/April-2022 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | MediaTek, Inc. | MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 |
Version: Android 10.0, 11.0, 12.0 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:02:30.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2022", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797", vendor: "MediaTek, Inc.", versions: [ { status: "affected", version: "Android 10.0, 11.0, 12.0", }, ], }, ], descriptions: [ { lang: "en", value: "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-11T19:38:05", orgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", shortName: "MediaTek", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2022", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mediatek.com", ID: "CVE-2022-20073", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MT2601, MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8695, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797", version: { version_data: [ { version_value: "Android 10.0, 11.0, 12.0", }, ], }, }, ], }, vendor_name: "MediaTek, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://corp.mediatek.com/product-security-bulletin/April-2022", refsource: "MISC", url: "https://corp.mediatek.com/product-security-bulletin/April-2022", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ee979b05-11f8-4f25-a7e0-a1fa9c190374", assignerShortName: "MediaTek", cveId: "CVE-2022-20073", datePublished: "2022-04-11T19:38:05", dateReserved: "2021-10-12T00:00:00", dateUpdated: "2024-08-03T02:02:30.970Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-07-06 14:15
Modified
2024-11-21 06:45
Severity ?
Summary
In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
android | 11.0 | ||
android | 12.0 | ||
mediatek | mt2601 | - | |
mediatek | mt6761 | - | |
mediatek | mt6762 | - | |
mediatek | mt6763 | - | |
mediatek | mt6765 | - | |
mediatek | mt6768 | - | |
mediatek | mt6769 | - | |
mediatek | mt6771 | - | |
mediatek | mt6779 | - | |
mediatek | mt6781 | - | |
mediatek | mt6785 | - | |
mediatek | mt6789 | - | |
mediatek | mt6795 | - | |
mediatek | mt6797 | - | |
mediatek | mt6799 | - | |
mediatek | mt6833 | - | |
mediatek | mt6853 | - | |
mediatek | mt6853t | - | |
mediatek | mt6873 | - | |
mediatek | mt6875 | - | |
mediatek | mt6877 | - | |
mediatek | mt6879 | - | |
mediatek | mt6883 | - | |
mediatek | mt6885 | - | |
mediatek | mt6889 | - | |
mediatek | mt6891 | - | |
mediatek | mt6893 | - | |
mediatek | mt6895 | - | |
mediatek | mt8167 | - | |
mediatek | mt8167s | - | |
mediatek | mt8168 | - | |
mediatek | mt8173 | - | |
mediatek | mt8185 | - | |
mediatek | mt8321 | - | |
mediatek | mt8362a | - | |
mediatek | mt8365 | - | |
mediatek | mt8385 | - | |
mediatek | mt8666 | - | |
mediatek | mt8675 | - | |
mediatek | mt8768 | - | |
mediatek | mt8786 | - | |
mediatek | mt8788 | - | |
mediatek | mt8789 | - | |
mediatek | mt8791 | - | |
mediatek | mt8797 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2601:-:*:*:*:*:*:*:*", matchCriteriaId: "8672BC44-8E6C-4A5A-A817-28B7387542D5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", matchCriteriaId: "C445EB80-6021-4E26-B74E-1B4B6910CE48", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", matchCriteriaId: "D23991D5-1893-49F4-8A06-D5E66C96C3B3", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", matchCriteriaId: "8B9B0D82-82C1-4A77-A016-329B99C45F49", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*", matchCriteriaId: "809FEAD7-F02B-48A9-B442-28B46C7806C6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*", matchCriteriaId: "CE7CC141-E2D6-4F28-B6F0-167E11869CD1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", matchCriteriaId: "366F1912-756B-443E-9962-224937DD7DFB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", matchCriteriaId: "328DA6BE-1303-4646-89B7-2EC8DC444532", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", matchCriteriaId: "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", matchCriteriaId: "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", matchCriteriaId: "15E2EC3F-9FB3-488B-B1C1-2793A416C755", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", matchCriteriaId: "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", matchCriteriaId: "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", matchCriteriaId: "3B5FE245-6346-4078-A3D0-E5F79BB636B8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", matchCriteriaId: "3CE2FC35-716A-4706-97BA-5DB165041580", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", matchCriteriaId: "4452EFCF-5733-40A0-8726-F8E33E569411", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", matchCriteriaId: "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", matchCriteriaId: "793B7F88-79E7-4031-8AD0-35C9BFD073C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.", }, { lang: "es", value: "En sched driver, Se presenta un posible uso de memoria previamente liberada debido a un bloqueo inapropiado. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del parche: ALPS06479032; ID de incidencia: ALPS06479032", }, ], id: "CVE-2022-21775", lastModified: "2024-11-21T06:45:24.827", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-06T14:15:17.693", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/July-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-667", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:42
Severity ?
Summary
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
android | 10.0 | ||
android | 11.0 | ||
android | 12.0 | ||
mediatek | mt2601 | - | |
mediatek | mt6580 | - | |
mediatek | mt6735 | - | |
mediatek | mt6739 | - | |
mediatek | mt6761 | - | |
mediatek | mt6763 | - | |
mediatek | mt6765 | - | |
mediatek | mt6768 | - | |
mediatek | mt6771 | - | |
mediatek | mt6779 | - | |
mediatek | mt6781 | - | |
mediatek | mt6785 | - | |
mediatek | mt6799 | - | |
mediatek | mt6833 | - | |
mediatek | mt6873 | - | |
mediatek | mt6877 | - | |
mediatek | mt6885 | - | |
mediatek | mt6893 | - | |
mediatek | mt8163 | - | |
mediatek | mt8167 | - | |
mediatek | mt8167s | - | |
mediatek | mt8168 | - | |
mediatek | mt8173 | - | |
mediatek | mt8175 | - | |
mediatek | mt8183 | - | |
mediatek | mt8185 | - | |
mediatek | mt8321 | - | |
mediatek | mt8362a | - | |
mediatek | mt8365 | - | |
mediatek | mt8385 | - | |
mediatek | mt8666 | - | |
mediatek | mt8667 | - | |
mediatek | mt8675 | - | |
mediatek | mt8695 | - | |
mediatek | mt8696 | - | |
mediatek | mt8765 | - | |
mediatek | mt8766 | - | |
mediatek | mt8768 | - | |
mediatek | mt8786 | - | |
mediatek | mt8788 | - | |
mediatek | mt8789 | - | |
mediatek | mt8791 | - | |
mediatek | mt8797 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", matchCriteriaId: "D558D965-FA70-4822-A770-419E73BA9ED3", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", matchCriteriaId: "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", matchCriteriaId: "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mediatek:mt2601:-:*:*:*:*:*:*:*", matchCriteriaId: "8672BC44-8E6C-4A5A-A817-28B7387542D5", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", matchCriteriaId: "46F71838-4E50-4F2A-9EB8-30AE5DF8511E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", matchCriteriaId: "C82E144B-0BAD-47E1-A657-3A5880988FE2", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", matchCriteriaId: "F726F486-A86F-4215-AD93-7A07A071844A", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", matchCriteriaId: "2F19C76A-50DF-4ACA-BACA-07157B4D838B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", matchCriteriaId: "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", matchCriteriaId: "06CD97E1-8A76-48B4-9780-9698EF5A960F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", matchCriteriaId: "BE4D2AED-C713-407F-A34A-52C3D8F65835", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", matchCriteriaId: "EBA369B8-8E23-492B-82CC-23114E6A5D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EEE021-6B2A-47A0-AC6B-55525A40D718", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", matchCriteriaId: "A82E0A4F-072F-474C-B94C-8114ABE05639", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", matchCriteriaId: "9814939B-F05E-4870-90C0-7C0F6BAAEB39", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", matchCriteriaId: "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", matchCriteriaId: "DD64413C-C774-4C4F-9551-89E1AA9469EE", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", matchCriteriaId: "213B5C7F-D965-4312-9CDF-4F06FA77D401", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*", matchCriteriaId: "1D2ED140-C41B-418B-9DC7-8C486304E769", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", matchCriteriaId: "3B5FE245-6346-4078-A3D0-E5F79BB636B8", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", matchCriteriaId: "639C5BDE-2E83-427A-BAB7-85EA9348AC68", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", matchCriteriaId: "3CE2FC35-716A-4706-97BA-5DB165041580", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", matchCriteriaId: "4452EFCF-5733-40A0-8726-F8E33E569411", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", matchCriteriaId: "582F1041-CD84-4763-AD6F-E08DD11F689F", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*", matchCriteriaId: "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", matchCriteriaId: "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", matchCriteriaId: "793B7F88-79E7-4031-8AD0-35C9BFD073C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", matchCriteriaId: "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", matchCriteriaId: "299378ED-41CE-4966-99B1-65D2BA1215EF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", matchCriteriaId: "2FE14B46-C1CA-465F-8578-059FA2ED30EB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", matchCriteriaId: "03E6123A-7603-4EAB-AFFB-229E8A040709", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*", matchCriteriaId: "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", matchCriteriaId: "26573298-76BC-49FE-8D99-CF03ED01B185", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", matchCriteriaId: "3AACF35D-27E0-49AF-A667-13585C8B8071", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", matchCriteriaId: "CE45F606-2E75-48BC-9D1B-99D504974CBF", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", matchCriteriaId: "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", matchCriteriaId: "FE10C121-F2AD-43D2-8FF9-A6C197858220", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", matchCriteriaId: "1505AD53-987E-4328-8E1D-F5F1EC12B677", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", matchCriteriaId: "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", vulnerable: false, }, { criteria: "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", matchCriteriaId: "2B469BF4-5961-42E9-814B-1BE06D182E45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.", }, { lang: "es", value: "En preloader (usb), se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. Esto podría conllevar a una escalada local de privilegios, para un atacante que tenga acceso físico al dispositivo, sin ser necesarios privilegios de ejecución adicionales. Es requerida una interacción del usuario para su explotación. ID del Parche: ALPS06160841; ID de Incidencia: ALPS06160841", }, ], id: "CVE-2022-20073", lastModified: "2024-11-21T06:42:05.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-11T20:15:19.147", references: [ { source: "security@mediatek.com", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://corp.mediatek.com/product-security-bulletin/April-2022", }, ], sourceIdentifier: "security@mediatek.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-191", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }