CVE-2021-0421
https://notcve.org/view.php?id=CVE-2021-0421
In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381235. En memory management driver, se presenta una posible divulgación de información debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2021 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2018-21089
https://notcve.org/view.php?id=CVE-2018-21089
An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) (modelos Mediatek MT6755/MT6757). El Cargador de Arranque presenta un desbordamiento de enteros que conlleva a una ejecución de código arbitraria por medio del control de desplazamiento de descarga. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-190: Integer Overflow or Wraparound •