.. spelling:word-list:: apusys ccd cmdq DoS imgsys mtk ptr Uaf vcu vpu .. include:: /keyword.rst ============================================= |IOT-YOCTO| 2023 Security Bulletin Published ============================================= Product Security Bulletin contains details of security vulnerabilities affecting MediaTek |IOT-YOCTO| devices. Device OEMs should regularly review and update all the issues of the corresponding security patches before publication. .. contents:: Sections :local: :depth: 2 December 2023 --------------- November 2023 --------------- October 2023 --------------- CVE-2023-32820 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Denial of service in wlan firmware" "Severity", "High" "Vulnerability Type", "DoS" "CWE", "CWE-400 Denial of Service" "Description", "In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-32828 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Integer overflow or wraparound in vpu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-190 Integer Overflow or Wraparound" "Description", "In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-32829 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds write in apusys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-787 Out-of-bounds Write" "Description", "In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `655c1a89 `_ " September 2023 --------------- CVE-2023-20838 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds read in imgsys" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-125 Out-of-bounds Read" "Description", "In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `5657df89 `_ " CVE-2023-20839 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds read in imgsys" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-125 Out-of-bounds Read" "Description", "In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `5657df89 `_ " CVE-2023-20840 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds write in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-787 Out-of-bounds Write" "Description", "In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `2fc3589d `_ " CVE-2023-20841 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Buffer copy without checking size of input ('classic buffer overflow') in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" "Description", "In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `5657df89 `_ " CVE-2023-20842 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 improper input validation" "Description", "In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `2fc3589d `_ " CVE-2023-20843 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 improper input validation" "Description", "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `2fc3589d `_ " CVE-2023-20844 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds read in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-125 Out-of-bounds Read" "Description", "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `2fc3589d `_ " CVE-2023-20845 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", Improper input validation in imgsys" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 improper input validation" "Description", "In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `45575798 `_ , `285b2095 `_ " CVE-2023-20846 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds read in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-125 Out-of-bounds Read" "Description", "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `2fc3589d `_ " CVE-2023-20847 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "DoS" "CWE", "CWE-20 improper input validation" "Description", "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `2fc3589d `_ " CVE-2023-20848 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 improper input validation" "Description", "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `e0d0be11 `_ " CVE-2023-20849 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Uaf in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-416 UAF" "Description", "In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `e0d0be11 `_ " CVE-2023-20850 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds write in imgsys_cmdq" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-787 Out-of-bounds Write" "Description", "In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8370" "References", "Commit `e0d0be11 `_ " CVE-2023-32807 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in connectivity system driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-32811 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in connectivity system driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." August 2023 --------------- CVE-2023-20800 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In imgsys, there is a possible system crash due to a missing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `27c5dd10 `_ " CVE-2023-20801 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `27c5dd10 `_ " CVE-2023-20802 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-119 Improper Input Validation" "Description", "In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `27c5dd10 `_ " CVE-2023-20803 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-119 Improper Input Validation" "Description", "In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `5657df89 `_ " CVE-2023-20804 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds write in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-787 Out-of-bounds Write" "Description", "In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `c80303b4 `_ " CVE-2023-20805 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds write in imgsys" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-787 Out-of-bounds Write" "Description", "In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `c80303b4 `_ " July 2023 --------------- June 2023 --------------- CVE-2023-20728 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20731 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20732 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20712 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20715 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20716 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20733 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `cd699f74 `_ , `62bf063e `_ , `db9a4b9c `_" CVE-2023-20734 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `cd699f74 `_ , `62bf063e `_ , `db9a4b9c `_" CVE-2023-20735 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `cd699f74 `_ , `62bf063e `_ , `db9a4b9c `_" CVE-2023-20736 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `cd699f74 `_ , `62bf063e `_ , `db9a4b9c `_" CVE-2023-20737 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `cd699f74 `_ , `62bf063e `_ , `db9a4b9c `_" CVE-2023-20738 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `cd699f74 `_ , `62bf063e `_ , `db9a4b9c `_" CVE-2023-20739 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Concurrent execution using shared resource with improper synchronization ('race condition') in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" "Description", "In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `3897f570 `_" CVE-2023-20740 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Concurrent execution using shared resource with improper synchronization ('race condition') in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" "Description", "In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `3897f570 `_" CVE-2023-20743 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `e66a9d5e `_" CVE-2023-20744 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `e66a9d5e `_" CVE-2023-20745 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `e66a9d5e `_" CVE-2023-20746 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `e66a9d5e `_" May 2023 --------------- CVE-2023-20718 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390,MT8365" "References", "Commit `2ea38e62 `_ (MT8395,MT8390), `737b2f4a `_ (MT8365)" CVE-2023-20721 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in isp" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `88d490a9 `_" CVE-2023-20673 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Incorrect comparison in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-697 Incorrect Comparison" "Description", "In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `a30d1499 `_" April 2023 --------------- CVE-2023-20659 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20674 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20675 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20676 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20677 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20679 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20682 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in wlan" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." March 2023 --------------- February 2023 --------------- CVE-2023-20606 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in apusys" "Severity", "Medium" "Vulnerability Type", "ID" "CWE", "CWE-20 Improper Input Validation" "Description", "In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2023-20618 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Out-of-bounds read in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-125 Out-of-bounds Read" "Description", "In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `524e491d `_" CVE-2023-20619 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Use after free in vcu" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-416 Use After Free" "Description", "In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395,MT8390" "References", "Commit `524e491d `_" CVE-2022-32642 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in ccd" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In ccd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `717a7d6c `_" CVE-2022-32643 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper synchronization in ccd" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-662 Improper Synchronization" "Description", "In ccd, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `717a7d6c `_" CVE-2022-32654 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in Wi-Fi driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-32655 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in Wi-Fi driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-32656 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Improper input validation in Wi-Fi driver" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-20 Improper Input Validation" "Description", "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." CVE-2022-32663 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Null pointer dereference in Wi-Fi driver" "Severity", "Medium" "Vulnerability Type", "DoS" "CWE", "CWE-476 NULL Pointer Dereference" "Description", "In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8365" "References", "The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of |IOT-YOCTO| team." January 2023 --------------- CVE-2022-32650 ^^^^^^^^^^^^^^^ .. csv-table:: :widths: 10, 30 "Title", "Incorrect calculation of buffer size in isp" "Severity", "Medium" "Vulnerability Type", "EoP" "CWE", "CWE-131 Incorrect Calculation of Buffer Size" "Description", "In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." "Affected Chipsets", "MT8395" "References", "Commit `de2186e2 `_"