.. spelling:word-list:: apusys DoS vcu .. include:: /keyword.rst ============================================= |IOT-YOCTO| 2022 Security Bulletin Published ============================================= Product Security Bulletin contains details of security vulnerabilities affecting MediaTek |IOT-YOCTO| devices. Device OEMs should regularly review and update all the issues of the corresponding security patches before publication. .. contents:: Sections :local: :depth: 2 December 2022 --------------- November 2022 --------------- CVE-2022-32605 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in isp" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `b2d3902d `_" CVE-2022-32609 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8365,MT8390" "References", "Commit `19341bfc `_" CVE-2022-32610 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `524e491d `_" CVE-2022-32611 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in isp" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `971a2daf `_" CVE-2022-32612 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Concurrent execution using shared resource with improper synchronization ('race condition') in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" "Description", "In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `524e491d `_" CVE-2022-32613 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Concurrent execution using shared resource with improper synchronization ('race condition') in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" "Description", "In vcu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8365,MT8390" "References", "Commit `19341bfc `_" CVE-2022-32616 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in isp" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `cf75c0c2 `_" October 2022 --------------- CVE-2022-26452 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in isp" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `37ce3b89 `_" CVE-2022-26475 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-32589 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper resource shutdown or release in Wi-Fi driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-404 Improper Resource Shutdown or Release" "Description", "In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-32590 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper check or handling of exceptional conditions in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-703 Improper Check or Handling of Exceptional Conditions" "Description", "In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." September 2022 --------------- CVE-2022-26449 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in apusys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." August 2022 --------------- July 2022 --------------- CVE-2022-21785 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." June 2022 --------------- CVE-2022-21745 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Use after free in WIFI Firmware" "Severity", "High" "Vulnerability Type", "EoP" "CWE", "CWE-502 Deserialization of Untrusted Data" "Description", "In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21750 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21751 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21752 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21753 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21754 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21755 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21756 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in WLAN driver" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-21757 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Uncontrolled resource consumption in WIFI Firmware" "Severity", "Medium" "Vulnerability Type", "DoS" "CWE", "CWE-400 Uncontrolled Resource Consumption" "Description", "In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." May 2022 ---------------