CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2022-32610
https://notcve.org/view.php?id=CVE-2022-32610
In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203476; Issue ID: ALPS07203476. En vcu, existe un posible use-after-free debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-662: Improper Synchronization •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2022-32612
https://notcve.org/view.php?id=CVE-2022-32612
In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203500; Issue ID: ALPS07203500. En vcu, existe un posible use-after-free debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2022-32592
https://notcve.org/view.php?id=CVE-2022-32592
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405. En cpu dvfs, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2022-26471
https://notcve.org/view.php?id=CVE-2022-26471
In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121. En telephony, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2022-26472
https://notcve.org/view.php?id=CVE-2022-26472
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095. En ims, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •