CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 0CVE-2023-32825
https://notcve.org/view.php?id=CVE-2023-32825
06 Nov 2023 — In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130. En el servicio Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2023-20702
https://notcve.org/view.php?id=CVE-2023-20702
06 Nov 2023 — In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895. En 5G NRLC, existe un posible acceso no válido a la memoria debido a la falta de manejo de errores. • https://corp.mediatek.com/product-security-bulletin/November-2023 •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2023-32836
https://notcve.org/view.php?id=CVE-2023-32836
06 Nov 2023 — In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08126725; Issue ID: ALPS08126725. En la pantalla, hay una posible escritura fuera de los límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32835
https://notcve.org/view.php?id=CVE-2023-32835
06 Nov 2023 — In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918. En keyinstall, existe una posible corrupción de memoria debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 50EXPL: 0CVE-2023-32834
https://notcve.org/view.php?id=CVE-2023-32834
06 Nov 2023 — In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762. En secmem, existe una posible corrupción de la memoria debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 1CVE-2023-32832 – Android mtk_jpeg Driver Race Condition / Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32832
06 Nov 2023 — In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273. En el vídeo, hay una posible corrupción de la memoria debido a una condición de ejecución. • https://packetstorm.news/files/id/175662 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 20EXPL: 0CVE-2023-32829
https://notcve.org/view.php?id=CVE-2023-32829
02 Oct 2023 — In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478. En apusys, existe una posible escritura fuera de límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-bulletin/October-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-32827
https://notcve.org/view.php?id=CVE-2023-32827
02 Oct 2023 — In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539. En camera middleware, existe una posible escritura fuera de límites debido a una validación de entrada faltante. • https://corp.mediatek.com/product-security-bulletin/October-2023 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-32826
https://notcve.org/view.php?id=CVE-2023-32826
02 Oct 2023 — In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544. En camera middleware, existe una posible escritura fuera de límites debido a una validación de entrada faltante. • https://corp.mediatek.com/product-security-bulletin/October-2023 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 32EXPL: 0CVE-2023-32824
https://notcve.org/view.php?id=CVE-2023-32824
02 Oct 2023 — In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961. En rpmb, existe una posible doble liberación debido a un bloqueo inadecuado. • https://corp.mediatek.com/product-security-bulletin/October-2023 • CWE-415: Double Free •