2 matches found
CVE-2023-20726
The CVE-2023-20726 entry describes a GPS location information disclosure in the MediaTek mnld module caused by a missing permission check. Impact is local information disclosure with no privileges or user interaction required (CVSS v3.1 base score 3.3, LOW). Affected component: mnld in MediaTek S...
CVE-2024-20022
CVE-2024-20022 describes a missing bounds check in the lk module that could allow local escalation of privilege to SYSTEM-level execution. The issue is triggered locally (no user interaction required) and is corroborated across multiple connected sources (e.g., Red Hat advisory and other feeds) w...