In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07560694.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/June-2023 | Vendor Advisory |
https://corp.mediatek.com/product-security-bulletin/June-2023 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 07:41
Type | Values Removed | Values Added |
---|---|---|
References | () https://corp.mediatek.com/product-security-bulletin/June-2023 - Vendor Advisory |
09 Jun 2023, 03:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
CWE | CWE-667 | |
First Time |
Mediatek mt8395
Linuxfoundation iot-yocto Linuxfoundation Mediatek mt8185 Mediatek mt6855 Mediatek mt8791 Mediatek mt8786 Mediatek mt8195 Mediatek mt8797 Google android Mediatek mt8365 Mediatek mt6789 Mediatek mt8789 Linuxfoundation yocto Mediatek mt8781 Mediatek |
|
CPE | cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:* cpe:2.3:a:linuxfoundation:iot-yocto:22.2:*:*:*:*:*:*:* cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:* |
|
References | (MISC) https://corp.mediatek.com/product-security-bulletin/June-2023 - Vendor Advisory |
06 Jun 2023, 13:36
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-06 13:15
Updated : 2024-11-21 07:41
NVD link : CVE-2023-20745
Mitre link : CVE-2023-20745
CVE.ORG link : CVE-2023-20745
JSON object : View
Products Affected
mediatek
- mt8365
- mt8786
- mt8789
- mt6789
- mt8185
- mt6855
- mt8395
- mt8791
- mt8781
- mt8195
- mt8797
linuxfoundation
- yocto
- iot-yocto
- android
CWE
CWE-667
Improper Locking