kernel: Linux kernel: Denial of Service due to deadlock in Universal Flash Storage driver

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a deadlock vulnerability in the Universal Flash Storage UFS host controller driver ufshcd. This occurs when the error handler and a Command Queue CQ event interrupt attempt to acquire the same lock...

CVE-2023-20849

In imgsyscmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350...

MediaTek Chip Resource Management Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of valid range checking in imgsyscmdq, which could be exploited after release...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of valid range checking in imgsyscmdq, which may result in out-of-bounds reads...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from an incorrect state check in cmdq, which may result in an out-of-bounds read...

PT-2023-17672 · Unknown · Imgsys Cmdq

Name of the Vulnerable Software and Affected Versions: imgsys cmdq affected versions not specified Description: In imgsys cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed...

部分MediaTek芯片 缓冲区错误漏洞

MediaTek chips are various chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in some MediaTek chips, which originates in cmdq, due to a lack of boundary checking, which may result in memory corruption leading to a local denial of service. The following products are...

PT-2023-35091 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to the dp aux cmd fifo tx function, where it may not be completed if the interrupt is not for an auxiliary transfer. This could potentially lead to security...

The vulnerability of Mediatek Command Queue driver in Android operating systems of Huawei mobile phones allows attackers to escalate their privileges.

The vulnerability of Mediatek’s Command Queue driver in Android operating systems of Huawei mobile phones involves the execution of write operations beyond the buffer in memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability

Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and...

VulnCheck KEV: CVE-2020-0069

Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and...

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

Design/Logic Flaw

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

CVE-2020-0069

The CVE-2020-0069 issue affects MediaTek CMDQ driver ioctl handlers in Android kernel, where insufficient input sanitization and missing SELinux restrictions can cause an out-of-bounds write, enabling local privilege escalation without extra privileges or user interaction. Public material confirm...

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

PT-2020-6503 · Google +1 · Android Kernel +1

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to the Mediatek Command Queue driver in Android operating systems, specifically a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This coul...

CVE-2018-10021

The code in the drivers/scsi/libsas/sasscsihost.c file in the Linux kernel allow a physically proximate attacker to cause a memory leak in the ATA command queue and, thus, denial of service by triggering certain failure conditions...