CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2022-32603
https://notcve.org/view.php?id=CVE-2022-32603
08 Nov 2022 — In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704. En gpu drm, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2022-32617
https://notcve.org/view.php?id=CVE-2022-32617
08 Nov 2022 — In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262364; Issue ID: ALPS07262364. En Typec, existe una posible escritura fuera de límites debido a un cálculo incorrecto del tamaño del búfer. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2022-26473
https://notcve.org/view.php?id=CVE-2022-26473
07 Oct 2022 — In vdec fmt, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342197; Issue ID: ALPS07342197. En vdec fmt, se presenta un posible uso de memoria previamente liberada debido a un bloqueo inapropiado. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-667: Improper Locking •
CVSS: 6.7EPSS: 0%CPEs: 25EXPL: 0CVE-2022-26466
https://notcve.org/view.php?id=CVE-2022-26466
06 Sep 2022 — In audio ipi, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558777; Issue ID: ALPS06558777. En audio ipi, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 23EXPL: 0CVE-2022-26465
https://notcve.org/view.php?id=CVE-2022-26465
06 Sep 2022 — In audio ipi, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558799; Issue ID: ALPS06558799. En audio ipi, se presenta una posible escritura fuera de límites debido a una comprobación de límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 22EXPL: 1CVE-2022-21789
https://notcve.org/view.php?id=CVE-2022-21789
01 Aug 2022 — In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. En audio ipi, se presenta una posible corrupción de memoria debido a una condición de carrera. • https://github.com/docfate111/CVE-2022-21789 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2022-21787
https://notcve.org/view.php?id=CVE-2022-21787
06 Jul 2022 — In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844. En audio DSP, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2022-21786
https://notcve.org/view.php?id=CVE-2022-21786
06 Jul 2022 — In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558822; Issue ID: ALPS06558822. En audio DSP, Se presenta una posible corrupción de memoria debido a una fundición inapropiada. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.4EPSS: 0%CPEs: 45EXPL: 0CVE-2022-21776
https://notcve.org/view.php?id=CVE-2022-21776
06 Jul 2022 — In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450. En MDP, Se presenta un posible uso de memoria previamente liberada debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21770
https://notcve.org/view.php?id=CVE-2022-21770
06 Jul 2022 — In sound driver, there is a possible information disclosure due to symlink following. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558663; Issue ID: ALPS06558663. En sound driver, Se presenta una posible divulgación de información debido al seguimiento de enlaces simbólicos. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •