← Back

CVE-2022-20018

nvd nist
Published: Jan 4, 2022Modified: Nov 21, 2024

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.8 / Impact: 3.6
Source: NVD

Description

In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018.

Affected (3)

Products: Google: Android
Google
1 product
Android
Configuration A
3 vulnerable · 32 platform
Vulnerable SoftwareAffected Versions
Google
Android
Version 10.0
Android
Version 11.0
Android
Version 12.0
Running on/withPlatform Versions
Mediatek
Mt6580
All versions
Mediatek
Mt6739
All versions
Mediatek
Mt6757
All versions
Mediatek
Mt6757c
All versions
Mediatek
Mt6757cd
All versions
Mediatek
Mt6757ch
All versions
Mediatek
Mt6761
All versions
Mediatek
Mt6762
All versions
Mediatek
Mt6763
All versions
Mediatek
Mt6765
All versions
Mediatek
Mt6768
All versions
Mediatek
Mt6769
All versions
Mediatek
Mt6771
All versions
Mediatek
Mt6779
All versions
Mediatek
Mt6781
All versions
Mediatek
Mt6785
All versions
Mediatek
Mt6833
All versions
Mediatek
Mt6853
All versions
Mediatek
Mt6853t
All versions
Mediatek
Mt6873
All versions
Mediatek
Mt6875
All versions
Mediatek
Mt6877
All versions
Mediatek
Mt6883
All versions
Mediatek
Mt6885
All versions
Mediatek
Mt6889
All versions
Mediatek
Mt6891
All versions
Mediatek
Mt6893
All versions
Mediatek
Mt8167
All versions
Mediatek
Mt8168
All versions
Mediatek
Mt8173
All versions
Mediatek
Mt8362a
All versions
Mediatek
Mt8365
All versions

Related CWEs

CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.

References (2)

Source: security@mediatek.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.