In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data. |
In oemCallback of ril.cpp, there is a possible out of bounds write due to an
integer overflow. This could lead to local escalation of privilege with
System execution privileges needed. User interaction is not nee...Show moreIn oemCallback of ril.cpp, there is a possible out of bounds write due to an
integer overflow. This could lead to local escalation of privilege with
System execution privileges needed. User interaction is not needed for
exploitation.Show less |
In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_-
interface.c, there is a possible stack buffer overflow due to a missing
bounds check. This could lead to local escalation of privilege in a
pri...Show moreIn the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_-
interface.c, there is a possible stack buffer overflow due to a missing
bounds check. This could lead to local escalation of privilege in a
privileged process with System execution privileges needed. User interaction
is not needed for exploitation.Show less |
In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. This could lead to escalation of privileges in the kernel. |
In gt1x_debug_write_proc and gt1x_tool_write of
drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c,
there is a possible out of bounds write due to a missing bounds check. This
could lea...Show moreIn gt1x_debug_write_proc and gt1x_tool_write of
drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c,
there is a possible out of bounds write due to a missing bounds check. This
could lead to local escalation of privilege with System execution privileges
needed. User interaction is not needed for exploitation.Show less |
In /proc/driver/wmt_dbg driver, there are several possible out of bounds
writes. These could lead to local escalation of privilege with System
execution privileges needed. User interaction is not needed for
e...Show moreIn /proc/driver/wmt_dbg driver, there are several possible out of bounds
writes. These could lead to local escalation of privilege with System
execution privileges needed. User interaction is not needed for
exploitation.Show less |
In fm_set_stat of mediatek FM radio driver, there is a possible OOB write
due to improper input validation. This could lead to local escalation of
privilege with System execution privileges needed. User interacti...Show moreIn fm_set_stat of mediatek FM radio driver, there is a possible OOB write
due to improper input validation. This could lead to local escalation of
privilege with System execution privileges needed. User interaction is not
needed for exploitation.Show less |
In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOB
write due to a missing bounds check. This could lead to local escalation of
privilege with System execution privileges needed. User interact...Show moreIn WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOB
write due to a missing bounds check. This could lead to local escalation of
privilege with System execution privileges needed. User interaction is not
needed for exploitation.Show less |
In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System ex...Show moreIn rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less |
In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This co...Show moreIn mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less |
In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System exec...Show moreIn mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less |
In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution pr...Show moreIn procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less |
In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege wit...Show moreIn get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less |
In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed....Show moreIn process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Show less |
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User inte...Show moreIn sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Show less |
In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interacti...Show moreIn gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Show less |
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...Show moreIn OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less |
In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not n...Show moreIn prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less |
In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is...Show moreIn buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Show less |
In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution...Show moreIn RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin Fix: The fix is designed to correctly implement the key generation according to FIPS standard.Show less |