Out-of-bounds

2023-08-0704:15:00

PRIOn knowledge base

www.prio-n.com

nvram

bounds check

local information disclosure

system execution

patch id

issue id

exploitation

4.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.

CPENameOperatorVersion
androideq12.0
androideq13.0
yoctoeq2.6
yoctoeq3.3
openwrteq19.07.0
openwrteq21.02.0
rdk-beq2022.0.0-q3

Name	Operator	Version
android	eq	12.0
android	eq	13.0
yocto	eq	2.6
yocto	eq	3.3
openwrt	eq	19.07.0
openwrt	eq	21.02.0
rdk-b	eq	2022.0.0-q3

References

corp.mediatek.com/product-security-bulletin/August-2023