CVE-2018-9416

In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due toan unusual root cause. This could lead to local escalation of privilege withSystem execution privileges needed. User interaction is not needed forexploitation.

CVE-2024-20125

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.

CVE-2018-9463

In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possibleout of bounds write due to an incorrect bounds check. This could lead tolocal escalation of privilege with System execution privileges needed. Userinteraction is not needed for exploitation.

CVE-2018-9402

In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. This could lead to escalation of privileges in the kernel.

CVE-2018-9439

In __unregister_prot_hook and packet_release of af_packet.c, there is apossible use-after-free due to improper locking. This could lead to localescalation of privilege in the kernel with System execution privilegesneeded. User interaction is not needed for exploitation.

CVE-2018-9390

In procfile_write of gl_proc.c, there is a possible out of bounds read of afunction pointer due to an incorrect bounds check. This could lead to localescalation of privilege with System execution privileges needed. Userinteraction is not needed for exploitation.

CVE-2018-9388

In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege.

CVE-2018-9380

In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2018-9431

In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9449

In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9395

In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges need...

CVE-2018-9404

In oemCallback of ril.cpp, there is a possible out of bounds write due to aninteger overflow. This could lead to local escalation of privilege withSystem execution privileges needed. User interaction is not needed forexploitation.

CVE-2018-9407

In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data.

CVE-2018-9408

In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out OfBounds Read due to a missing bounds check. This could lead to a localinformation disclosure with System execution privileges needed. Userinteraction is not needed for exploitation.

CVE-2018-9414

In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9418

In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9393

In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9396

In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9400

In gt1x_debug_write_proc and gt1x_tool_write ofdrivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c,there is a possible out of bounds write due to a missing bounds check. Thiscould lead to local escalation of privilege with System execution privilegesneeded. User interaction is...

CVE-2018-9403

In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_-interface.c, there is a possible stack buffer overflow due to a missingbounds check. This could lead to local escalation of privilege in aprivileged process with System execution privileges needed. User interactionis not needed for exp...

CVE-2018-9429

In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2018-9462

In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due toan incorrect bounds check. This could lead to local escalation of privilegewith System execution privileges needed. User interaction is not needed forexploitation.

CVE-2024-20116

In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696.

CVE-2024-20128

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2024.

CVE-2024-20138

In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.

CVE-2018-9397

In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOBwrite due to a missing bounds check. This could lead to local escalation ofprivilege with System execution privileges needed. User interaction is notneeded for exploitation.

CVE-2018-9398

In fm_set_stat of mediatek FM radio driver, there is a possible OOB writedue to improper input validation. This could lead to local escalation ofprivilege with System execution privileges needed. User interaction is notneeded for exploitation.

CVE-2018-9392

In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi...

CVE-2018-9399

In /proc/driver/wmt_dbg driver, there are several possible out of boundswrites. These could lead to local escalation of privilege with Systemexecution privileges needed. User interaction is not needed forexploitation.

CVE-2018-9381

In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9391

In update_gps_sv and output_vzw_debug ofvendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_worker.c, there is a possible out of bounds write due to a missing boundscheck. This could lead to local escalation of privilege with Systemexecution privileges needed. User interaction ...

CVE-2018-9413

In handle_notification_response of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2018-9386

In reboot_block_command of htc reboot_block driver, there is a possiblestack buffer overflow due to a missing bounds check. This could lead tolocal escalation of privilege with System execution privileges needed. Userinteraction is not needed for exploitation.

CVE-2018-9394

In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9430

In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13308

In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9426

In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin Fi...

CVE-2018-9441

In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2024-20134

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.

CVE-2018-9376

In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-20127

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2023.

CVE-2024-20135

In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841.

CVE-2024-20130

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: MSV-1982.

CVE-2018-9423

In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2018-9435

In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-20129

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2025.

CVE-2024-20136

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821.