CVE-2022-21744
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt2731 | All versions |
Mediatek Mt2735 | All versions |
Mediatek Mt6297 | All versions |
Mediatek Mt6725 | All versions |
Mediatek Mt6735 | All versions |
Mediatek Mt6737 | All versions |
Mediatek Mt6739 | All versions |
Mediatek Mt6750 | All versions |
Mediatek Mt6750s | All versions |
Mediatek Mt6755 | All versions |
Mediatek Mt6757 | All versions |
Mediatek Mt6757p | All versions |
Mediatek Mt6758 | All versions |
Mediatek Mt6761 | All versions |
Mediatek Mt6762 | All versions |
Mediatek Mt6762d | All versions |
Mediatek Mt6762m | All versions |
Mediatek Mt6763 | All versions |
Mediatek Mt6765 | All versions |
Mediatek Mt6765t | All versions |
Mediatek Mt6767 | All versions |
Mediatek Mt6768 | All versions |
Mediatek Mt6769 | All versions |
Mediatek Mt6769t | All versions |
Mediatek Mt6769z | All versions |
Mediatek Mt6771 | All versions |
Mediatek Mt6775 | All versions |
Mediatek Mt6779 | All versions |
Mediatek Mt6781 | All versions |
Mediatek Mt6783 | All versions |
Mediatek Mt6785 | All versions |
Mediatek Mt6785t | All versions |
Mediatek Mt6789 | All versions |
Mediatek Mt6797 | All versions |
Mediatek Mt6799 | All versions |
Mediatek Mt6833 | All versions |
Mediatek Mt6853 | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6873 | All versions |
Mediatek Mt6875 | All versions |
Mediatek Mt6877 | All versions |
Mediatek Mt6879 | All versions |
Mediatek Mt6880 | All versions |
Mediatek Mt6883 | All versions |
Mediatek Mt6885 | All versions |
Mediatek Mt6889 | All versions |
Mediatek Mt6890 | All versions |
Mediatek Mt6891 | All versions |
Mediatek Mt6893 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6983 | All versions |
Mediatek Mt8666 | All versions |
Mediatek Mt8667 | All versions |
Mediatek Mt8675 | All versions |
Mediatek Mt8735a | All versions |
Mediatek Mt8735b | All versions |
Mediatek Mt8765 | All versions |
Mediatek Mt8766 | All versions |
Mediatek Mt8768 | All versions |
Mediatek Mt8771 | All versions |
Mediatek Mt8781 | All versions |
Mediatek Mt8786 | All versions |
Mediatek Mt8788 | All versions |
Mediatek Mt8789 | All versions |
Mediatek Mt8791 | All versions |
Mediatek Mt8797 | All versions |
References (2)
Source: security@mediatek.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.