SB2023120433 - Multiple vulnerabilities in MediaTek chipsets
Published: December 4, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 30 secuirty vulnerabilities.
1) Reachable Assertion (CVE-ID: CVE-2023-32845)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can perform service disruption.
2) Out-of-bounds read (CVE-ID: CVE-2023-32870)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within display drm. A local privileged application can execute arbitrary code.
3) Out-of-bounds write (CVE-ID: CVE-2023-32869)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within display drm. A local privileged application can execute arbitrary code.
4) Out-of-bounds write (CVE-ID: CVE-2023-32868)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within display drm. A local privileged application can execute arbitrary code.
5) Out-of-bounds write (CVE-ID: CVE-2023-32867)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within display drm. A local privileged application can execute arbitrary code.
6) Out-of-bounds write (CVE-ID: CVE-2023-32866)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within mmp. A local privileged application can execute arbitrary code.
7) Out-of-bounds write (CVE-ID: CVE-2023-32865)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within display drm. A local privileged application can execute arbitrary code.
8) Out-of-bounds write (CVE-ID: CVE-2023-32864)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within display drm. A local privileged application can execute arbitrary code.
9) Out-of-bounds read (CVE-ID: CVE-2023-32863)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within display drm. A local privileged application can execute arbitrary code.
10) Out-of-bounds read (CVE-ID: CVE-2023-32862)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within display. A local privileged application can execute arbitrary code.
11) Out-of-bounds read (CVE-ID: CVE-2023-32861)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within display. A local privileged application can execute arbitrary code.
12) Buffer overflow (CVE-ID: CVE-2023-32860)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within display. A local privileged application can execute arbitrary code.
13) Buffer overflow (CVE-ID: CVE-2023-32859)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within meta. A local privileged application can execute arbitrary code.
14) Reachable Assertion (CVE-ID: CVE-2023-32846)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can perform service disruption.
15) Reachable Assertion (CVE-ID: CVE-2023-32844)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can perform service disruption.
16) Out-of-bounds write (CVE-ID: CVE-2023-32847)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within audio. A local application can execute arbitrary code.
17) Reachable Assertion (CVE-ID: CVE-2023-32843)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can perform service disruption.
18) Reachable Assertion (CVE-ID: CVE-2023-32842)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can perform service disruption.
19) Reachable Assertion (CVE-ID: CVE-2023-32841)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can perform service disruption.
20) Information exposure (CVE-ID: CVE-2023-32858)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing data erasing within GZ. A local privileged application can gain access to sensitive information.
21) Buffer overflow (CVE-ID: CVE-2023-32857)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to an incorrect status check within display. A local privileged application can gain access to sensitive information.
22) Buffer overflow (CVE-ID: CVE-2023-32856)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to an incorrect status check within display. A local privileged application can gain access to sensitive information.
23) Buffer overflow (CVE-ID: CVE-2023-32855)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing permission check within aee. A local privileged application can execute arbitrary code.
24) Out-of-bounds write (CVE-ID: CVE-2023-32854)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within ril. A local privileged application can execute arbitrary code.
25) Out-of-bounds write (CVE-ID: CVE-2023-32853)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within rpmb. A local privileged application can execute arbitrary code.
26) Improper input validation (CVE-ID: CVE-2023-32852)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to improper input validation within cameraisp. A local privileged application can gain access to sensitive information.
27) Incorrect Comparison (CVE-ID: CVE-2023-32849)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to type confusion within cmdq. A local privileged application can execute arbitrary code.
28) Incorrect Calculation of Buffer Size (CVE-ID: CVE-2023-32851)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within decoder. A local application can execute arbitrary code.
29) Integer underflow (CVE-ID: CVE-2023-32850)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to an integer overflow within decoder. A local application can execute arbitrary code.
30) Incorrect Comparison (CVE-ID: CVE-2023-32848)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to type confusion within vdec. A local privileged application can execute arbitrary code.
Remediation
Install update from vendor's website.