In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/October-2022 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
12 Oct 2022, 13:31
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mediatek mt6855
Mediatek mt8321 Mediatek mt8675 Mediatek mt6895 Linuxfoundation Mediatek mt6983 Mediatek mt8518 Google android Mediatek Linuxfoundation yocto Mediatek mt8789 Mediatek mt8768 Mediatek mt6879 Mediatek mt8185 Mediatek mt8666 Mediatek mt8385 Mediatek mt8765 Mediatek mt8786 Mediatek mt8788 |
|
CPE | cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:* |
|
References | (MISC) https://corp.mediatek.com/product-security-bulletin/October-2022 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
CWE | CWE-787 |
07 Oct 2022, 21:04
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-07 20:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-32592
Mitre link : CVE-2022-32592
CVE.ORG link : CVE-2022-32592
JSON object : View
Products Affected
mediatek
- mt8765
- mt8786
- mt8788
- mt6895
- mt8518
- mt8185
- mt8321
- mt8675
- mt8768
- mt6983
- mt8385
- mt8789
- mt6855
- mt8666
- mt6879
linuxfoundation
- yocto
- android
CWE
CWE-787
Out-of-bounds Write