SB2023100253 - Multiple vulnerabilities in MediaTek chipsets

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023100253

SB2023100253 - Multiple vulnerabilities in MediaTek chipsets

Published: October 2, 2023

Security Bulletin ID SB2023100253
Severity
Low
Patch available
YES
Number of vulnerabilities 12
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 12 secuirty vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2023-20819)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within CDMA PPP protocol. A local application can execute arbitrary code.


2) Information exposure (CVE-ID: CVE-2023-32819)

The vulnerability allows a local privileged application to gain access to sensitive information.

The vulnerability exists due to a missing bounds check within display. A local privileged application can gain access to sensitive information.


3) Resource exhaustion (CVE-ID: CVE-2023-32820)

The vulnerability allows a local application to perform service disruption.

The vulnerability exists due to improper input handling within wlan firmware. A local application can perform service disruption.


4) Information exposure (CVE-ID: CVE-2023-32821)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a permissions bypass within video. A local privileged application can execute arbitrary code.


5) Improper input validation (CVE-ID: CVE-2023-32822)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within ftm. A local privileged application can execute arbitrary code.


6) Integer overflow (CVE-ID: CVE-2023-32823)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within rpmb. A local privileged application can execute arbitrary code.


7) Double Free (CVE-ID: CVE-2023-32824)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper locking within rpmb. A local privileged application can execute arbitrary code.


8) Out-of-bounds write (CVE-ID: CVE-2023-32826)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a missing input validation within camera middleware. A local privileged application can execute arbitrary code.


9) Out-of-bounds write (CVE-ID: CVE-2023-32827)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a missing input validation within camera middleware. A local privileged application can execute arbitrary code.


10) Integer overflow (CVE-ID: CVE-2023-32828)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to an integer overflow within vpu. A local privileged application can execute arbitrary code.


11) Out-of-bounds write (CVE-ID: CVE-2023-32829)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to an integer overflow within apusys. A local privileged application can execute arbitrary code.


12) Out-of-bounds write (CVE-ID: CVE-2023-32830)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within TVAPI. A local privileged application can execute arbitrary code.


Remediation

Install update from vendor's website.

References