CVE-2023-32852
https://notcve.org/view.php?id=CVE-2023-32852
In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971. En cameraisp, existe una posible divulgación de información debido a una validación inadecuada del ingreso. • https://corp.mediatek.com/product-security-bulletin/December-2023 •
CVE-2023-32849
https://notcve.org/view.php?id=CVE-2023-32849
In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161758; Issue ID: ALPS08161758. En cmdq, existe una posible escritura fuera de los límites debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-32848
https://notcve.org/view.php?id=CVE-2023-32848
In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896; Issue ID: ALPS08163896. En vdec, existe una posible escritura fuera de los límites debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-32847
https://notcve.org/view.php?id=CVE-2023-32847
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940. En audio, hay una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-42749
https://notcve.org/view.php?id=CVE-2023-42749
In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed En enginnermode service, existe una forma posible de escribir registros de uso de permisos de una aplicación debido a que falta una verificación de permisos. Esto podría conducir a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 • CWE-862: Missing Authorization •