CVE-2024-20139

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600...

CVE-2024-20116

In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696...

CVE-2024-20116

In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696...

CVE-2024-20137

In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727...

CVE-2024-20137

The CVE-2024-20137 issue affects the WLAN driver in MediaTek chipsets, caused by improper handling of exceptional conditions that can trigger a client disconnection and remote denial of service without authentication or user interaction. The vulnerability has a CVSS 3.1 base vector of AV:N/AC:L/P...

CVE-2024-20137

In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727...

CVE-2024-20136

CVE-2024-20136 describes a potential out-of-bounds read in the component named “da” due to a missing bounds check, which could lead to local information disclosure without requiring user interaction. The impact is limited to confidentiality (high) with no indicated impact on integrity or availabi...

CVE-2024-20136

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821...

CVE-2024-20135

In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841...

CVE-2024-20134

CVE-2024-20134 affects the RIL (Radio Interface Layer) with a possible out-of-bounds write caused by a missing bounds check. The issue could enable local privilege escalation to System level and does not require user interaction for exploitation. A patch is referenced (ALPS09154589) with an inter...

CVE-2024-20133

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871...

CVE-2024-20133

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871...

CVE-2024-20132

In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872...

CVE-2024-20131

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873...

CVE-2024-20131

CVE-2024-20131 affects the Modem component in MediaTek chipsets. The root cause is an incorrect bounds check that can enable a local escalation of privilege, requiring local access with no user interaction. The vulnerability is described as potentially enabling System execution privileges with hi...

CVE-2024-20128

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2024...

CVE-2024-20129

CVE-2024-20129 affects Telephony with a missing bounds check leading to an out-of-bounds read and potential remote denial of service. The vulnerability is exploitable over the network without privileges or user interaction, per the provided description. A patch is identified as ALPS09289881 (Issu...

CVE-2024-20125

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728...

CVE-2024-20125

Summary (CVE-2024-20125) : A missing bounds check in MediaTek’s vdec component may allow an out-of-bounds write, enabling local escalation of privilege if an attacker already has System privileges. The entry indicates exploitation requires no user interaction and specifies a patch: ALPS09046782 (...

CVE-2024-20117

In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1681...