MediaTek Chipsets Security Vulnerabilities

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

mtkclient

🚀 mtkclient - Easily Flash and Repair Mediatek Devices !Dow...

EUVD-2025-13090

Malicious code in bioql PyPI...

CVE-2025-38662

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...

CVE-2025-23160

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor SCP the mtkscp structure has to be removed explicitly to avoid a resource leak. Fre...

CVE-2025-23160 media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor SCP the mtkscp structure has to be removed explicitly to avoid a resource leak. Fre...

CVE-2025-23160 media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor SCP the mtkscp structure has to be removed explicitly to avoid a resource leak. Fre...

CVE-2025-23160

CVE-2025-23160 affects the Linux kernel on Mediatek platforms with a system companion processor (SCP). The issue is a resource leak in the Media subsystem (vcodec) during firmware initialization when the mtk_scp structure is not properly freed, leading to a leak if firmware initialization allocat...

CVE-2022-49244

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192mt6359devprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput...

PT-2025-18414

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak has been identified in the Linux kernel related to the system companion processor SCP on Mediatek devices. The issue arises during firmware initialization when the mtk sc...

Google Android 竞争条件问题漏洞

Google Android is a Linux-based open source operating system from Google. MT6755, MT6755S, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6795, MT6797, MT6833, MT6853, MT6853T. MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6890, MT6891, MT689...

多款 MediaTek 产品输入验证错误漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in multiple MediaTek products that originates from an integer overflow in the preloader usb, which may result in out-of-bounds writes...

System privilege elevation vulnerability in Guangsheng FOTA service for multiple mtk platform phones (Phantom Vulnerability)

Shanghai Guangsheng Information Technology Co., Ltd. is the world's leading provider of terminal management cloud platform, FOTA Wireless Upgrade provides professional wireless upgrade solutions for IoT devices smart car, wearable, home, VR, etc.. System privilege elevation vulnerability exists i...