IoT Yocto 2023 Security Bulletin Published
Product Security Bulletin contains details of security vulnerabilities affecting MediaTek IoT Yocto devices. Device OEMs should regularly review and update all the issues of the corresponding security patches before publication.
December 2023
November 2023
October 2023
CVE-2023-32820
Title |
Denial of service in wlan firmware |
Severity |
High |
Vulnerability Type |
DoS |
CWE |
CWE-400 Denial of Service |
Description |
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-32828
Title |
Integer overflow or wraparound in vpu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-190 Integer Overflow or Wraparound |
Description |
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-32829
Title |
Out-of-bounds write in apusys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-787 Out-of-bounds Write |
Description |
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 655c1a89 |
September 2023
CVE-2023-20838
Title |
Out-of-bounds read in imgsys |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-125 Out-of-bounds Read |
Description |
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 5657df89 |
CVE-2023-20839
Title |
Out-of-bounds read in imgsys |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-125 Out-of-bounds Read |
Description |
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 5657df89 |
CVE-2023-20840
Title |
Out-of-bounds write in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-787 Out-of-bounds Write |
Description |
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 2fc3589d |
CVE-2023-20841
Title |
Buffer copy without checking size of input (‘classic buffer overflow’) in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) |
Description |
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 5657df89 |
CVE-2023-20842
Title |
Improper input validation in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 improper input validation |
Description |
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 2fc3589d |
CVE-2023-20843
Title |
Improper input validation in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 improper input validation |
Description |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 2fc3589d |
CVE-2023-20844
Title |
Out-of-bounds read in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-125 Out-of-bounds Read |
Description |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 2fc3589d |
CVE-2023-20845
Title |
Improper input validation in imgsys” |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 improper input validation |
Description |
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
CVE-2023-20846
Title |
Out-of-bounds read in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-125 Out-of-bounds Read |
Description |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 2fc3589d |
CVE-2023-20847
Title |
Improper input validation in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
DoS |
CWE |
CWE-20 improper input validation |
Description |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit 2fc3589d |
CVE-2023-20848
Title |
Improper input validation in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 improper input validation |
Description |
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit e0d0be11 |
CVE-2023-20849
Title |
Uaf in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-416 UAF |
Description |
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit e0d0be11 |
CVE-2023-20850
Title |
Out-of-bounds write in imgsys_cmdq |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-787 Out-of-bounds Write |
Description |
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8370 |
References |
Commit e0d0be11 |
CVE-2023-32807
Title |
Improper input validation in connectivity system driver |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-32811
Title |
Improper input validation in connectivity system driver |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
August 2023
CVE-2023-20800
Title |
Improper input validation in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In imgsys, there is a possible system crash due to a missing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit 27c5dd10 |
CVE-2023-20801
Title |
Improper input validation in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit 27c5dd10 |
CVE-2023-20802
Title |
Improper input validation in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-119 Improper Input Validation |
Description |
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit 27c5dd10 |
CVE-2023-20803
Title |
Improper input validation in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-119 Improper Input Validation |
Description |
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit 5657df89 |
CVE-2023-20804
Title |
Out-of-bounds write in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-787 Out-of-bounds Write |
Description |
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit c80303b4 |
CVE-2023-20805
Title |
Out-of-bounds write in imgsys |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-787 Out-of-bounds Write |
Description |
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit c80303b4 |
July 2023
June 2023
CVE-2023-20728
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20731
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20732
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20712
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20715
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20716
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20733
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
CVE-2023-20734
Title |
Improper input validation in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
CVE-2023-20735
Title |
Improper input validation in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
CVE-2023-20736
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
CVE-2023-20737
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
CVE-2023-20738
Title |
Improper input validation in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
CVE-2023-20739
Title |
Concurrent execution using shared resource with improper synchronization (‘race condition’) in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’) |
Description |
In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit 3897f570 |
CVE-2023-20740
Title |
Concurrent execution using shared resource with improper synchronization (‘race condition’) in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’) |
Description |
In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit 3897f570 |
CVE-2023-20743
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit e66a9d5e |
CVE-2023-20744
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit e66a9d5e |
CVE-2023-20745
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit e66a9d5e |
CVE-2023-20746
Title |
Improper synchronization in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit e66a9d5e |
May 2023
CVE-2023-20718
Title |
Improper input validation in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390,MT8365 |
References |
CVE-2023-20721
Title |
Improper input validation in isp |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit 88d490a9 |
CVE-2023-20673
Title |
Incorrect comparison in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-697 Incorrect Comparison |
Description |
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit a30d1499 |
April 2023
CVE-2023-20659
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20674
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20675
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20676
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20677
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20679
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20682
Title |
Improper input validation in wlan |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
March 2023
February 2023
CVE-2023-20606
Title |
Improper input validation in apusys |
Severity |
Medium |
Vulnerability Type |
ID |
CWE |
CWE-20 Improper Input Validation |
Description |
In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2023-20618
Title |
Out-of-bounds read in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-125 Out-of-bounds Read |
Description |
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit 524e491d |
CVE-2023-20619
Title |
Use after free in vcu |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-416 Use After Free |
Description |
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395,MT8390 |
References |
Commit 524e491d |
CVE-2022-32642
Title |
Improper synchronization in ccd |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In ccd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit 717a7d6c |
CVE-2022-32643
Title |
Improper synchronization in ccd |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-662 Improper Synchronization |
Description |
In ccd, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit 717a7d6c |
CVE-2022-32654
Title |
Improper input validation in Wi-Fi driver |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2022-32655
Title |
Improper input validation in Wi-Fi driver |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2022-32656
Title |
Improper input validation in Wi-Fi driver |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-20 Improper Input Validation |
Description |
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
CVE-2022-32663
Title |
Null pointer dereference in Wi-Fi driver |
Severity |
Medium |
Vulnerability Type |
DoS |
CWE |
CWE-476 NULL Pointer Dereference |
Description |
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8365 |
References |
The software repository related to this issue requires more privilege access permission (NDA). Please contact the customer window of IoT Yocto team. |
January 2023
CVE-2022-32650
Title |
Incorrect calculation of buffer size in isp |
Severity |
Medium |
Vulnerability Type |
EoP |
CWE |
CWE-131 Incorrect Calculation of Buffer Size |
Description |
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Affected Chipsets |
MT8395 |
References |
Commit de2186e2 |