Lucene search

[email protected]CVE-2023-20810

HistoryAug 07, 2023 - 4:15 a.m.

CVE-2023-20810

2023-08-0704:15:14

[email protected]

web.nvd.nist.gov

iommu

information disclosure

input validation

patch

nvd

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.

Affected configurations

Vulners

NVD

Node

googleandroidRange<10.0

googleandroidRange<11.0

mediatekmt5221

mediatekmt5583

mediatekmt5691

mediatekmt5695

mediatekmt9010

mediatekmt9011

mediatekmt9012

mediatekmt9016

mediatekmt9020

mediatekmt9021

mediatekmt9022

mediatekmt9030

mediatekmt9031

mediatekmt9032

mediatekmt9216

mediatekmt9218

mediatekmt9220

mediatekmt9221

mediatekmt9222

mediatekmt9255

mediatekmt9256

mediatekmt9266

mediatekmt9269

mediatekmt9286

mediatekmt9288

mediatekmt9602

mediatekmt9610

mediatekmt9611

mediatekmt9612

mediatekmt9613

mediatekmt9615

mediatekmt9617

mediatekmt9618

mediatekmt9629

mediatekmt9630

mediatekmt9631

mediatekmt9632

mediatekmt9636

mediatekmt9638

mediatekmt9639

mediatekmt9649

mediatekmt9650

mediatekmt9652

mediatekmt9653

mediatekmt9666

mediatekmt9667

mediatekmt9669

mediatekmt9671

mediatekmt9675

mediatekmt9685

mediatekmt9686

mediatekmt9688

VendorProductVersionCPE
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
mediatekmt5221*cpe:2.3:h:mediatek:mt5221:*:*:*:*:*:*:*:*
mediatekmt5583*cpe:2.3:h:mediatek:mt5583:*:*:*:*:*:*:*:*
mediatekmt5691*cpe:2.3:h:mediatek:mt5691:*:*:*:*:*:*:*:*
mediatekmt5695*cpe:2.3:h:mediatek:mt5695:*:*:*:*:*:*:*:*
mediatekmt9010*cpe:2.3:h:mediatek:mt9010:*:*:*:*:*:*:*:*
mediatekmt9011*cpe:2.3:h:mediatek:mt9011:*:*:*:*:*:*:*:*
mediatekmt9012*cpe:2.3:h:mediatek:mt9012:*:*:*:*:*:*:*:*
mediatekmt9016*cpe:2.3:h:mediatek:mt9016:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
mediatek	mt5221	*	cpe:2.3:h:mediatek:mt5221::::::::
mediatek	mt5583	*	cpe:2.3:h:mediatek:mt5583::::::::
mediatek	mt5691	*	cpe:2.3:h:mediatek:mt5691::::::::
mediatek	mt5695	*	cpe:2.3:h:mediatek:mt5695::::::::
mediatek	mt9010	*	cpe:2.3:h:mediatek:mt9010::::::::
mediatek	mt9011	*	cpe:2.3:h:mediatek:mt9011::::::::
mediatek	mt9012	*	cpe:2.3:h:mediatek:mt9012::::::::
mediatek	mt9016	*	cpe:2.3:h:mediatek:mt9016::::::::

Rows per page:

1-10 of 541

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT5221, MT5583, MT5691, MT5695, MT9010, MT9011, MT9012, MT9016, MT9020, MT9021, MT9022, MT9030, MT9031, MT9032, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9666, MT9667, MT9669, MT9671, MT9675, MT9685, MT9686, MT9688",
    "versions": [
      {
        "version": "Android 10.0, 11.0 / Linux 4.19",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/August-2023

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-20810

cvelist1 nvd1 prion1