CVE-2023-32834
https://notcve.org/view.php?id=CVE-2023-32834
In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762. En secmem, existe una posible corrupción de la memoria debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-32818
https://notcve.org/view.php?id=CVE-2023-32818
In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896 & ALPS08013430; Issue ID: ALPS07867715. En vdec, existe una posible escritura fuera de los límites debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-32832 – Android mtk_jpeg Driver Race Condition / Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32832
In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273. En el vídeo, hay una posible corrupción de la memoria debido a una condición de ejecución. • http://packetstormsecurity.com/files/175662/Android-mtk_jpeg-Driver-Race-Condition-Privilege-Escalation.html https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-42654
https://notcve.org/view.php?id=CVE-2023-42654
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed En el servicio dm, es posible que falte una verificación de permiso. Esto podría conducir a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •
CVE-2022-48461
https://notcve.org/view.php?id=CVE-2022-48461
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed En el controlador del sensor, existe una posible escritura fuera de los límites debido a la falta de verificación de los límites. Esto podría provocar una denegación de servicio local con privilegios de ejecución de System necesarios. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-787: Out-of-bounds Write •