CVSS: 6.7EPSS: 0%CPEs: 39EXPL: 0CVE-2023-20615
https://notcve.org/view.php?id=CVE-2023-20615
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 40EXPL: 0CVE-2023-20611
https://notcve.org/view.php?id=CVE-2023-20611
In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588678; Issue ID: ALPS07588678. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-662: Improper Synchronization •
CVSS: 4.1EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32645
https://notcve.org/view.php?id=CVE-2022-32645
In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-662: Improper Synchronization •
CVSS: 6.7EPSS: 0%CPEs: 59EXPL: 0CVE-2022-32641
https://notcve.org/view.php?id=CVE-2022-32641
In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2022-32653
https://notcve.org/view.php?id=CVE-2022-32653
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518. En mtk-aie, existe un posible use after free debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-20: Improper Input Validation •