CVE-2021-0422

In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381071...

CVE-2021-0424

In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05393787...

CVE-2021-0611

In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810...

CVE-2021-0612

In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834...

Information disclosure

In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381235...

Information disclosure

In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05400059...

CVE-2021-0612

CVE-2021-0612 describes a memory corruption in the m4u component, caused by a use-after-free, enabling local escalation of privilege with system execution privileges required. Exploitation reportedly does not require user interaction. Affected context is Mediatek-based hardware; patch ALPS0540349...

CVE-2021-0611

CVE-2021-0611 affects the Mediatek m4u component, where a memory corruption due to a use-after-free condition can cause local escalation of privilege to SYSTEM, with no user interaction required. The entry notes a patch ID ALPS05403499 and an issue ID ALPS05425810 as fixes. Connected documents re...

CVE-2021-0422

CVE-2021-0422 concerns the memory management driver in MediaTek-based systems. The issue is a missing bounds check that can cause a system crash, enabling local denial of service without requiring user interaction. Multiple documents confirm the root cause and the potential impact (local DoS, hig...

CVE-2021-0415

In memory management driver, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS0533669...

CVE-2021-0420

CVE-2021-0420 concerns a missing bounds check in the in-memory management driver, enabling local denial of service without user interaction. Impact is described as a system crash leading to local DoS; exploitation details are not provided in the documents. Mitigation references a patch: ALPS05403...

CVE-2021-0418

CVE-2021-0418 concerns the Mediatek memory management driver, where improper input validation can cause a local system crash leading to denial of service without user interaction. The issue is described across multiple sources (NVD, Red Hat) with the same core weakness. The patch reference provid...

CVE-2021-0417

CVE-2021-0417 describes a vulnerability in a memory management driver where improper input validation can cause a system crash, leading to local denial of service without extra privileges. The issue is not user-initiated and headers indicate a local attack vector. Connected sources confirm the ro...

CVE-2021-0415

CVE-2021-0415 concerns a vulnerability in the Mediatek memory management driver where a missing permission check can disclose local information without requiring user interaction. The issue affects the in-memory management component (Mediatek chipset context) and enables information leakage with ...