CVE-2024-20148

In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID:...

CVE-2024-20146

In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue I...

CVE-2024-20146

In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue I...

CVE-2024-20145

CVE-2024-20145 affects MediaTek V6 DA, where a missing bounds check can lead to an out-of-bounds write. The issue enables local escalation of privilege with physical access and user interaction required for exploitation. Patch ALPS09290940 addresses the flaw (MSV-2040).

CVE-2024-20145

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940;...

CVE-2024-20144

CVE-2024-20144 affects V6 DA, with an out-of-bounds write caused by a missing bounds check. This can enable local escalation of privilege when an attacker has physical access, requiring user interaction for exploitation. Patch ALPS09167056 fixes MSV-2041 for affected devices. No explicit exploita...

CVE-2024-20144

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...

CVE-2024-20143

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...

CVE-2024-20143

CVE-2024-20143 affects V6 DA with an out-of-bounds write caused by a missing bounds check. The issue could allow local escalation of privilege on devices with physical access and requires user interaction to exploit. Patch ALPS09167056 (MSV-2069) is available. Red Hat and OSV entries corroborate ...

CVE-2024-20140

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020...

CVE-2024-20140

CVE-2024-20140 concerns MediaTek power module code with a missing bounds check, causing an out-of-bounds write. This can enable local escalation of privilege to System level without user interaction, as described across NVD/Red Hat/OSV/NCSC and related advisories. The root cause is an out-of-boun...

CVE-2024-20140

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020...

CVE-2024-20154

MediaTek Modem vulnerability CVE-2024-20154 arises from an out-of-bounds write due to a missing bounds check in the Modem component. This can lead to remote code execution when a UE connects to a rogue base station, with no additional execution privileges required and no user interaction. Affecte...

CVE-2024-20154

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Pat...

CVE-2024-20139

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600...

CVE-2024-20137

In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727...

CVE-2024-20138

In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604...

CVE-2024-20134

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866...

CVE-2024-20131

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873...

CVE-2024-20116

In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696...