In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.
History

Mon, 02 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek
Mediatek mt6835
Mediatek mt6878
Mediatek mt6879
Mediatek mt6895
Mediatek mt6896
Mediatek mt6897
Mediatek mt6983
Mediatek mt6985
Mediatek mt6989
Mediatek mt8755
Mediatek mt8775
Mediatek mt8796
Mediatek mt8798
CPEs cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
Vendors & Products Mediatek
Mediatek mt6835
Mediatek mt6878
Mediatek mt6879
Mediatek mt6895
Mediatek mt6896
Mediatek mt6897
Mediatek mt6983
Mediatek mt6985
Mediatek mt6989
Mediatek mt8755
Mediatek mt8775
Mediatek mt8796
Mediatek mt8798
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 02 Dec 2024 03:30:00 +0000

Type Values Removed Values Added
Description In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.
Weaknesses CWE-787
References

cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-12-02T03:07:06.661Z

Updated: 2024-12-03T04:55:31.780Z

Reserved: 2023-11-02T13:35:35.181Z

Link: CVE-2024-20134

cve-icon Vulnrichment

Updated: 2024-12-02T15:46:13.691Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-02T04:15:05.693

Modified: 2024-12-02T16:15:07.907

Link: CVE-2024-20134

cve-icon Redhat

No data.