CVSS: 6.7EPSS: 0%CPEs: 29EXPL: 0CVE-2023-32861
https://notcve.org/view.php?id=CVE-2023-32861
In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08059081; Issue ID: ALPS08059081. En display, hay una posible lectura fuera de los límites debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 24EXPL: 0CVE-2023-32860
https://notcve.org/view.php?id=CVE-2023-32860
In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788. En display, hay un posible desbordamiento del búfer clásico debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 46EXPL: 0CVE-2023-32859
https://notcve.org/view.php?id=CVE-2023-32859
In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. En meta, existe un posible desbordamiento del búfer clásico debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 36EXPL: 0CVE-2023-32846
https://notcve.org/view.php?id=CVE-2023-32846
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861). En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 36EXPL: 0CVE-2023-32845
https://notcve.org/view.php?id=CVE-2023-32845
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860). En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-617: Reachable Assertion •