Design/Logic Flaw

2023-09-0403:15:00

PRIOn knowledge base

www.prio-n.com

design flaw

logic flaw

use after free

missing valid range checking

local escalation of privilege

system execution privileges

user interaction

patch id

issue id

nvd

0.001 Low

EPSS

Percentile

25.8%

JSON

In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.

CPENameOperatorVersion
androideq11.0
androideq12.0
linux_kerneleq6.1
yoctoeq4.0
iot_yoctoeq23.0

Name	Operator	Version
android	eq	11.0
android	eq	12.0
linux_kernel	eq	6.1
yocto	eq	4.0
iot_yocto	eq	23.0

References

corp.mediatek.com/product-security-bulletin/September-2023

0.001 Low

EPSS

Percentile

25.8%

JSON

Related for PRION:CVE-2023-20849