SB2022090512 - Multiple vulnerabilities in MediaTek Chipsets 




Published: September 5, 2022

Security Bulletin ID: SB2022090512
Severity: High
Patch available: YES
Number of vulnerabilities: 23
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 4%, Low 96%

Description

This security bulletin contains information about 23 security vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2022-26447)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in BT firmware. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.


2) Out-of-bounds write (CVE-ID: CVE-2022-26448)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in apusys. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


3) Out-of-bounds write (CVE-ID: CVE-2022-26449)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in apusys. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


4) Race condition (CVE-ID: CVE-2022-26450)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in apusys. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.


5) Use-after-free (CVE-ID: CVE-2022-26451)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to improper synchronization in ged. A local user can gain elevated privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


6) Use-after-free (CVE-ID: CVE-2022-26453)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in teei. A local user can gain elevated privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


7) Integer overflow (CVE-ID: CVE-2022-26454)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in teei. A local user can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


8) Improper Handling of Exceptional Conditions (CVE-ID: CVE-2022-26455)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect error handling in gz. A local user can gain elevated privileges on the target system.


9) UNIX symbolic link following (CVE-ID: CVE-2022-26456)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a symlink following issue in vow. A local user can gain unauthorized access to sensitive information on the system.


10) Out-of-bounds write (CVE-ID: CVE-2022-26457)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


11) Out-of-bounds write (CVE-ID: CVE-2022-26458)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


12) Integer overflow (CVE-ID: CVE-2022-26459)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to integer overflow in vow. A local user can pass specially crafted data to the application, trigger integer overflow and gain unauthorized access to sensitive information on the system.


13) Out-of-bounds write (CVE-ID: CVE-2022-26460)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


14) undefined (CVE-ID: CVE-2022-26461)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to undefined behavior for input to an API in vow, which leads to security restrictions bypass and privilege escalation.


15) Out-of-bounds read (CVE-ID: CVE-2022-26462)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in vow. A local user can trigger out-of-bounds read error and read contents of memory on the system.


16) Out-of-bounds read (CVE-ID: CVE-2022-26463)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in vow. A local user can trigger out-of-bounds read error and read contents of memory on the system.


17) Out-of-bounds write (CVE-ID: CVE-2022-26464)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in vow. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


18) Out-of-bounds write (CVE-ID: CVE-2022-26465)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in audio ipi. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


19) Integer overflow (CVE-ID: CVE-2022-26466)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in audio ipi. A local user can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


20) Out-of-bounds write (CVE-ID: CVE-2022-26467)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in rpmb. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


21) Out-of-bounds write (CVE-ID: CVE-2022-26468)

The vulnerability allows a local attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in preloader (usb). An attacker with physical access can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


22) Unsafe reflection (CVE-ID: CVE-2022-26469)

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to unsafe reflection in MtkEmail. A local attacker can gain elevated privileges on the system.


23) Out-of-bounds write (CVE-ID: CVE-2022-26470)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in aie. A local user can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.


Remediation

Install update from vendor's website.