CVE-2023-32887
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
Affected (3)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt2735 | All versions |
Mediatek Mt6813 | All versions |
Mediatek Mt6833 | All versions |
Mediatek Mt6833p | All versions |
Mediatek Mt6835 | All versions |
Mediatek Mt6853 | All versions |
Mediatek Mt6853t | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6873 | All versions |
Mediatek Mt6875 | All versions |
Mediatek Mt6877 | All versions |
Mediatek Mt6877t | All versions |
Mediatek Mt6878 | All versions |
Mediatek Mt6879 | All versions |
Mediatek Mt6880 | All versions |
Mediatek Mt6883 | All versions |
Mediatek Mt6885 | All versions |
Mediatek Mt6886 | All versions |
Mediatek Mt6889 | All versions |
Mediatek Mt6890 | All versions |
Mediatek Mt6891 | All versions |
Mediatek Mt6893 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6895t | All versions |
Mediatek Mt6896 | All versions |
Mediatek Mt6897 | All versions |
Mediatek Mt6980 | All versions |
Mediatek Mt6980d | All versions |
Mediatek Mt6983t | All versions |
Mediatek Mt6983w | All versions |
Mediatek Mt6983z | All versions |
Mediatek Mt6985 | All versions |
Mediatek Mt6985t | All versions |
Mediatek Mt6989 | All versions |
Mediatek Mt6990 | All versions |
Related CWEs
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
References (2)
Source: security@mediatek.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.