322 matches found
CVE-2024-20010
The CVE-2024-20010 entry describes a MediaTek vulnerability in the keyInstall module caused by type confusion, enabling local privilege escalation to SYSTEM without user interaction. Patch ALPS08358560 (Issue ALPS08358560) is referenced as the fix. Connected documents corroborate the local-privil...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a type confusion issue in the keyInstall module, which could lead to privilege escalation...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a type confusion issue in the keyInstall module, which could lead to privilege escalation...
MediaTek Chip Security Breach
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips due to a lack of boundary checking in the keyInstall module, which may result in out-of-bounds writes...
PT-2024-18500 · Mediatek +1 · Mt6580 +1
Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue is related to a possible escalation of privilege due to type confusion in the keyInstall function. This could lead to local...
PT-2024-18498 · Mediatek +1 · Mt6580 +1
Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue is related to a possible escalation of privilege due to type confusion in the keyInstall function. This could lead to local...
CVE-2023-32875
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...
CVE-2023-32872
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...
CVE-2023-32872
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...
CVE-2023-32876
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...
CVE-2023-32875
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...
Out-of-bounds
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...
Information disclosure
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...
Information disclosure
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...
CVE-2023-32876
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...
CVE-2023-32876
CVE-2023-32876 involves the keyInstall function where a missing bounds check can cause information disclosure, requiring local privileges (PR:H) with no user interaction. Affected context appears to be media/SoC environments (MediaTek-related references appear across multiple connected sources), ...
CVE-2023-32875
CVE-2023-32875 affects MediaTek platforms via the keyInstall function. The root cause is a missing bounds check in keyInstall, enabling local information disclosure and requiring System privileges for exploitation; no user interaction is needed. The CVE entry cites Patch ID ALPS08308607 and Issue...
CVE-2023-32875
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...
CVE-2023-32875
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...
CVE-2023-32872
The CVE-2023-32872 issue is in MediaTek’s keyInstall module. It describes an out-of-bounds write caused by a missing bounds check, potentially enabling local privilege escalation to SYSTEM with no user interaction required. Public references in the connected documents consistently state this as a...