CVSS: 7.5EPSS: 0%CPEs: 45EXPL: 0CVE-2022-32589
https://notcve.org/view.php?id=CVE-2022-32589
In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600. En Wi-Fi driver, se presenta una posible forma de desconectar el Wi-Fi debido a una liberación inapropiada de recursos. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26452
https://notcve.org/view.php?id=CVE-2022-26452
In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262305; Issue ID: ALPS07262305. En isp, se presenta un posible uso de memoria previamente liberada debido a un bloqueo inapropiado. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-667: Improper Locking •
CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2022-32592
https://notcve.org/view.php?id=CVE-2022-32592
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405. En cpu dvfs, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2022-26471
https://notcve.org/view.php?id=CVE-2022-26471
In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121. En telephony, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2022-26472
https://notcve.org/view.php?id=CVE-2022-26472
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095. En ims, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •