CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2022-21778
https://notcve.org/view.php?id=CVE-2022-21778
In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421. En vpu, existe una posible divulgación de información debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 0%CPEs: 34EXPL: 0CVE-2022-32609
https://notcve.org/view.php?id=CVE-2022-32609
In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203410; Issue ID: ALPS07203410. En vcu, existe un posible use-after-free debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-662: Improper Synchronization •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2022-32614
https://notcve.org/view.php?id=CVE-2022-32614
In audio, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310571; Issue ID: ALPS07310571. En audio, existe una posible corrupción de la memoria debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-415: Double Free •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2022-32610
https://notcve.org/view.php?id=CVE-2022-32610
In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203476; Issue ID: ALPS07203476. En vcu, existe un posible use-after-free debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-662: Improper Synchronization •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2022-32612
https://notcve.org/view.php?id=CVE-2022-32612
In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203500; Issue ID: ALPS07203500. En vcu, existe un posible use-after-free debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •