In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696.
History

Mon, 02 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek
Mediatek mt6765
Mediatek mt6768
Mediatek mt6779
Mediatek mt6781
Mediatek mt6785
Mediatek mt6789
Mediatek mt8765
Mediatek mt8766
Mediatek mt8768
Mediatek mt8771
Mediatek mt8781
Mediatek mt8786
Mediatek mt8788
Mediatek mt8789
Mediatek mt8791t
Mediatek mt8795t
Mediatek mt8797
Mediatek mt8798
CPEs cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
Vendors & Products Mediatek
Mediatek mt6765
Mediatek mt6768
Mediatek mt6779
Mediatek mt6781
Mediatek mt6785
Mediatek mt6789
Mediatek mt8765
Mediatek mt8766
Mediatek mt8768
Mediatek mt8771
Mediatek mt8781
Mediatek mt8786
Mediatek mt8788
Mediatek mt8789
Mediatek mt8791t
Mediatek mt8795t
Mediatek mt8797
Mediatek mt8798
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 02 Dec 2024 03:30:00 +0000

Type Values Removed Values Added
Description In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696.
Weaknesses CWE-125
References

cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-12-02T03:07:13.501Z

Updated: 2024-12-02T16:11:36.133Z

Reserved: 2023-11-02T13:35:35.179Z

Link: CVE-2024-20116

cve-icon Vulnrichment

Updated: 2024-12-02T16:11:00.572Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-02T04:15:03.833

Modified: 2024-12-02T17:15:08.113

Link: CVE-2024-20116

cve-icon Redhat

No data.