CVE-2024-20086
https://notcve.org/view.php?id=CVE-2024-20086
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551. En vdec, existe una posible escritura fuera de los límites debido a una verificación de los límites faltante. • https://corp.mediatek.com/product-security-bulletin/September-2024 • CWE-787: Out-of-bounds Write •
CVE-2024-20083
https://notcve.org/view.php?id=CVE-2024-20083
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-787: Out-of-bounds Write •
CVE-2024-20013
https://notcve.org/view.php?id=CVE-2024-20013
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608. En keyInstall, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVE-2024-20012
https://notcve.org/view.php?id=CVE-2024-20012
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-20010
https://notcve.org/view.php?id=CVE-2024-20010
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •