CVE-2022-26426
https://notcve.org/view.php?id=CVE-2022-26426
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486. En camera isp, se presenta una posible escritura fuera de límites debido a una comprobación de límites que falta. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-787: Out-of-bounds Write •
CVE-2022-21777
https://notcve.org/view.php?id=CVE-2022-21777
In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894. En Autoboot, Se presenta una posible omisión de permisos debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-862: Missing Authorization •
CVE-2022-21776
https://notcve.org/view.php?id=CVE-2022-21776
In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450. En MDP, Se presenta un posible uso de memoria previamente liberada debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-21772
https://notcve.org/view.php?id=CVE-2022-21772
In TEEI driver, there is a possible type confusion due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493842; Issue ID: ALPS06493842. En TEEI driver, Se presenta una posible confusión de tipos debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-21769
https://notcve.org/view.php?id=CVE-2022-21769
In CCCI, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641687. En CCCI, Se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-125: Out-of-bounds Read •