CVE-2023-20743

The CVE-2023-20743 issue affects the vcu module in MediaTek chips. It stems from improper locking that enables an out-of-bounds write, potentially allowing local escalation of privilege to SYSTEM level without user interaction. The vulnerability impact is described as high for confidentiality, in...

CVE-2023-20740

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840...

CVE-2023-20739

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559819...

CVE-2023-20738

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173...

CVE-2023-20738

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173...

CVE-2023-20737

The CVE-2023-20737 issue concerns the vcu component in MediaTek devices, where an improper locking leads to a use-after-free condition. This vulnerability can enable local escalation of privileges to SYSTEM with no user interaction required. Affected behavior is described as a local exploit path,...

CVE-2023-20736

CVE-2023-20736 affects the vcu component. The vulnerability is an out-of-bounds write caused by a race condition, enabling local escalation of privilege with System execution privileges required and no user interaction. A patch is referenced: ALPS07645149 (Issue ALPS07645189). Exploitation detail...

CVE-2023-20736

In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189...

CVE-2023-20735

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178...

CVE-2023-20735

CVE-2023-20735 concerns the vcu component in MediaTek chips, where a missing bounds check can cause an out-of-bounds write. The under-lying flaw is a lack of boundary verification in vcu, potentially enabling local escalation of privilege with System-level execution privileges required. Exploitat...

CVE-2023-20734

CVE-2023-20734 affects the vcu module in MediaTek chips. The issue is described as an out-of-bounds write due to a missing bounds check, potentially enabling local escalation of privilege with SYSTEM privileges and no user interaction required. A patch is available (ALPS07645149; ALPS07645184). C...

CVE-2023-20733

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149...

CVE-2023-20733

CVE-2023-20733 affects the vcu component in MediaTek chips. The vulnerability is a use-after-free caused by improper locking, enabling local escalation of privilege with System execution privileges required. Exploitation details are not provided in the supplied documents. Patch ID ALPS07645149 (I...

CVE-2023-20733

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149...

PT-2023-17600 · Vcu · Vcu

Name of the Vulnerable Software and Affected Versions: vcu affected versions not specified Description: The issue is related to a possible out of bounds write due to a missing bounds check in vcu. This could lead to local escalation of privilege, with System execution privileges needed. User...

PT-2023-17606 · Vcu · Vcu

Name of the Vulnerable Software and Affected Versions: vcu affected versions not specified Description: The issue is related to a possible out of bounds write due to improper locking, which could lead to local escalation of privilege. System execution privileges are needed for exploitation, and...

PT-2023-17599 · Vcu · Vcu

Name of the Vulnerable Software and Affected Versions: vcu affected versions not specified Description: The issue is related to a possible use after free due to improper locking in vcu. This could lead to local escalation of privilege, with System execution privileges needed. User interaction is...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the vcu module of the MediaTek chips, which is caused by a logic error and possible memory corruption...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the vcu module of the MediaTek chips, which is due to a type confusion and possible memory corruption...

PT-2023-17610 · Vcu · Vcu

Name of the Vulnerable Software and Affected Versions: vcu affected versions not specified Description: The issue is related to a possible memory corruption due to type confusion in vcu. This could lead to local denial of service, with System execution privileges needed for exploitation. User...