IoT Yocto 2022 Security Bulletin Published
This Product Security Bulletin contains details of security vulnerabilities affecting MediaTek IoT Yocto devices. Device OEMs should regularly review all listed issues and apply the corresponding security patches before publication.
December 2022
November 2022
CVE-2022-32605
Title | Improper input validation in isp
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395
References | Commit b2d3902d
CVE-2022-32609
Title | Improper synchronization in vcu
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-662 Improper Synchronization
Description | In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395, MT8365, MT8390
References | Commit 19341bfc
CVE-2022-32610
Title | Improper synchronization in vcu
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-662 Improper Synchronization
Description | In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395, MT8390
References | Commit 524e491d
CVE-2022-32611
Title | Improper input validation in isp
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395
References | Commit 971a2daf
CVE-2022-32612
Title | Concurrent execution using shared resource with improper synchronization (‘race condition’) in vcu
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’)
Description | In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395, MT8390
References | Commit 524e491d
CVE-2022-32613
Title | Concurrent execution using shared resource with improper synchronization (‘race condition’) in vcu
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’)
Description | In vcu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395, MT8365, MT8390
References | Commit 19341bfc
CVE-2022-32616
Title | Improper input validation in isp
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395
References | Commit cf75c0c2
October 2022
CVE-2022-26452
Title | Improper synchronization in isp
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-662 Improper Synchronization
Description | In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395
References | Commit 37ce3b89
CVE-2022-26475
Title | Improper input validation in wlan
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-32589
Title | Improper resource shutdown or release in Wi-Fi driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-404 Improper Resource Shutdown or Release
Description | In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-32590
Title | Improper check or handling of exceptional conditions in wlan
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-703 Improper Check or Handling of Exceptional Conditions
Description | In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
September 2022
CVE-2022-26449
Title | Improper input validation in apusys
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8395
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
August 2022
July 2022
CVE-2022-21785
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
June 2022
CVE-2022-21745
Title | Use after free in WIFI Firmware
Severity | High
Vulnerability Type | EoP
CWE | CWE-502 Deserialization of Untrusted Data
Description | In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21750
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21751
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21752
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21753
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21754
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | EoP
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21755
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | ID
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21756
Title | Improper input validation in WLAN driver
Severity | Medium
Vulnerability Type | ID
CWE | CWE-20 Improper Input Validation
Description | In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.
CVE-2022-21757
Title | Uncontrolled resource consumption in WIFI Firmware
Severity | Medium
Vulnerability Type | DoS
CWE | CWE-400 Uncontrolled Resource Consumption
Description | In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets | MT8365
References | The software repository related to this issue requires higher access privileges (NDA). Please contact the customer window of the IoT Yocto team.