#VU62001 Double Free in MediaTek products - CVE-2021-25477
Vulnerability identifier: #VU62001
Vulnerability risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-415
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
MT6735
Mobile applications /
Mobile firmware & hardware
MT6737
Mobile applications /
Mobile firmware & hardware
MT6739
Mobile applications /
Mobile firmware & hardware
MT6750S
Mobile applications /
Mobile firmware & hardware
MT6757
Mobile applications /
Mobile firmware & hardware
MT6757P
Mobile applications /
Mobile firmware & hardware
MT6761
Mobile applications /
Mobile firmware & hardware
MT6762
Mobile applications /
Mobile firmware & hardware
MT6762D
Mobile applications /
Mobile firmware & hardware
MT6762M
Mobile applications /
Mobile firmware & hardware
MT6763
Mobile applications /
Mobile firmware & hardware
MT6765
Mobile applications /
Mobile firmware & hardware
MT6765T
Mobile applications /
Mobile firmware & hardware
MT6767
Mobile applications /
Mobile firmware & hardware
MT6768
Mobile applications /
Mobile firmware & hardware
MT6769
Mobile applications /
Mobile firmware & hardware
MT6769T
Mobile applications /
Mobile firmware & hardware
MT6769Z
Mobile applications /
Mobile firmware & hardware
MT6771
Mobile applications /
Mobile firmware & hardware
MT6783
Mobile applications /
Mobile firmware & hardware
MT6785T
Mobile applications /
Mobile firmware & hardware
MT6833
Mobile applications /
Mobile firmware & hardware
MT6880
Mobile applications /
Mobile firmware & hardware
MT6890
Mobile applications /
Mobile firmware & hardware
MT8666
Mobile applications /
Mobile firmware & hardware
MT8667
Mobile applications /
Mobile firmware & hardware
MT8675
Mobile applications /
Mobile firmware & hardware
MT8735A
Mobile applications /
Mobile firmware & hardware
MT8735B
Mobile applications /
Mobile firmware & hardware
MT8765
Mobile applications /
Mobile firmware & hardware
MT8766
Mobile applications /
Mobile firmware & hardware
MT8768
Mobile applications /
Mobile firmware & hardware
MT8786
Mobile applications /
Mobile firmware & hardware
MT8788
Mobile applications /
Mobile firmware & hardware
MT8789
Mobile applications /
Mobile firmware & hardware
MT8791
Mobile applications /
Mobile firmware & hardware
MT6779
Hardware solutions /
Firmware
MT6781
Hardware solutions /
Firmware
MT6785
Hardware solutions /
Firmware
MT6853
Hardware solutions /
Firmware
MT6873
Hardware solutions /
Firmware
MT6875
Hardware solutions /
Firmware
MT6877
Hardware solutions /
Firmware
MT6883
Hardware solutions /
Firmware
MT6885
Hardware solutions /
Firmware
MT6889
Hardware solutions /
Firmware
MT6891
Hardware solutions /
Firmware
MT6893
Hardware solutions /
Firmware
MT8797
Hardware solutions /
Firmware
Vendor: MediaTek
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the Modem LTE RRC when decoding an incorrect ASN.1 data. A remote attacker can pass specially crafted data to the system, trigger a double free error and perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
MT6735: All versions
MT6737: All versions
MT6739: All versions
MT6750S: All versions
MT6757: All versions
MT6757P: All versions
MT6761: All versions
MT6762: All versions
MT6762D: All versions
MT6762M: All versions
MT6763: All versions
MT6765: All versions
MT6765T: All versions
MT6767: All versions
MT6768: All versions
MT6769: All versions
MT6769T: All versions
MT6769Z: All versions
MT6771: All versions
MT6779: All versions
MT6781: All versions
MT6783: All versions
MT6785: All versions
MT6785T: All versions
MT6833: All versions
MT6853: All versions
MT6873: All versions
MT6875: All versions
MT6877: All versions
MT6880: All versions
MT6883: All versions
MT6885: All versions
MT6889: All versions
MT6890: All versions
MT6891: All versions
MT6893: All versions
MT8666: All versions
MT8667: All versions
MT8675: All versions
MT8735A: All versions
MT8735B: All versions
MT8765: All versions
MT8766: All versions
MT8768: All versions
MT8786: All versions
MT8788: All versions
MT8789: All versions
MT8791: All versions
MT8797: All versions
External links
https://corp.mediatek.com/product-security-bulletin/April-2022
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
