CVSS: 10.0EPSS: 2%CPEs: 29EXPL: 0CVE-2022-26447
https://notcve.org/view.php?id=CVE-2022-26447
06 Sep 2022 — In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478. En BT firmware, es posible que se produzca una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2022-26429
https://notcve.org/view.php?id=CVE-2022-26429
01 Aug 2022 — In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415. En cta, se presenta una posible forma de escribir registros de uso de permisos de una aplicación debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 13EXPL: 0CVE-2022-26428
https://notcve.org/view.php?id=CVE-2022-26428
01 Aug 2022 — In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260. En video codec, se presenta una posible corrupción de memoria debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2022-21777
https://notcve.org/view.php?id=CVE-2022-21777
06 Jul 2022 — In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894. En Autoboot, Se presenta una posible omisión de permisos debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 45EXPL: 0CVE-2022-21776
https://notcve.org/view.php?id=CVE-2022-21776
06 Jul 2022 — In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450. En MDP, Se presenta un posible uso de memoria previamente liberada debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 47EXPL: 0CVE-2022-21775
https://notcve.org/view.php?id=CVE-2022-21775
06 Jul 2022 — In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032. En sched driver, Se presenta un posible uso de memoria previamente liberada debido a un bloqueo inapropiado. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-667: Improper Locking •
CVSS: 6.7EPSS: 0%CPEs: 18EXPL: 0CVE-2022-21774
https://notcve.org/view.php?id=CVE-2022-21774
06 Jul 2022 — In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641447; Issue ID: ALPS06641447. En TEEI driver, Se presenta un posible uso después de la liberación debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2022-21773
https://notcve.org/view.php?id=CVE-2022-21773
06 Jul 2022 — In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641388; Issue ID: ALPS06641388. En TEEI driver, Se presenta un posible uso después de la liberación debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 22EXPL: 0CVE-2022-21772
https://notcve.org/view.php?id=CVE-2022-21772
06 Jul 2022 — In TEEI driver, there is a possible type confusion due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493842; Issue ID: ALPS06493842. En TEEI driver, Se presenta una posible confusión de tipos debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 29EXPL: 0CVE-2022-21771
https://notcve.org/view.php?id=CVE-2022-21771
06 Jul 2022 — In GED driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641585; Issue ID: ALPS06641585. En GED driver, Se presenta un posible uso de memoria previamente liberada debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •