CVE-2023-20821
https://notcve.org/view.php?id=CVE-2023-20821
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113. En nvram, existe una posible escritura fuera de límites debido a una inexistente comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-20790
https://notcve.org/view.php?id=CVE-2023-20790
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-20788
https://notcve.org/view.php?id=CVE-2023-20788
In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-416: Use After Free •
CVE-2023-20787
https://notcve.org/view.php?id=CVE-2023-20787
In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648734. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-416: Use After Free •
CVE-2023-20786
https://notcve.org/view.php?id=CVE-2023-20786
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •