Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-20619: February 2023

In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159.

CVE
#vulnerability#web#android#dos#rce#wifi

February 2023 Product Security Bulletin

Published 2023-02-06

The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek Smartphone, Tablet, AIoT, Smart display, Smart platform, OTT and Wi-Fi chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least two months before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).

****Summary****

Severity

CVEs

High

CVE-2023-20602

Medium

CVE-2023-20604, CVE-2023-20605, CVE-2023-20606, CVE-2023-20607, CVE-2023-20608, CVE-2023-20609, CVE-2023-20610, CVE-2023-20611, CVE-2023-20612, CVE-2023-20613, CVE-2023-20614, CVE-2023-20615, CVE-2023-20616, CVE-2023-20618, CVE-2023-20619, CVE-2022-32642, CVE-2022-32643, CVE-2022-32654, CVE-2022-32655, CVE-2022-32656, CVE-2022-32663

****Details****

CVE

CVE-2023-20602

Title

Improper input validation in ged

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6753, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6889, MT6893, MT6895, MT6983

Affected Software Versions

Android 10.0, 11.0, 12.0, 13.0

CVE

CVE-2023-20604

Title

Improper input validation in ged

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6753, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8362A

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20605

Title

Improper input validation in keyinstall

Severity

Medium

Vulnerability Type

ID

CWE

CWE-20 Improper Input Validation

Description

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20606

Title

Improper input validation in apusys

Severity

Medium

Vulnerability Type

ID

CWE

CWE-20 Improper Input Validation

Description

In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6879, MT6895, MT6983

Affected Software Versions

Android 12.0, 12.1

CVE

CVE-2023-20607

Title

Improper synchronization in ccu

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In ccu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6765, MT6768, MT8786

Affected Software Versions

Android 11.0, 12.0

CVE

CVE-2023-20608

Title

Improper synchronization in display drm

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8675

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20609

Title

Out-of-bounds read in ccu

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In ccu, there is a possible out of bounds read due to a logic error. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8768, MT8786, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20610

Title

Improper synchronization in display drm

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In display drm, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8675

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20611

Title

Improper synchronization in gpu

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8168, MT8365

Affected Software Versions

Android 12.0, 13.0

CVE

CVE-2023-20612

Title

Improper input validation in ril

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20613

Title

Improper input validation in ril

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20614

Title

Out-of-bounds write in ril

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-787 Out-of-bounds Write

Description

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20615

Title

Out-of-bounds write in ril

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-787 Out-of-bounds Write

Description

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20616

Title

Access of resource using incompatible type (‘type confusion’) in ion

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-843 Access of Resource Using Incompatible Type (‘Type Confusion’)

Description

In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791T, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

CVE-2023-20618

Title

Out-of-bounds read in vcu

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-125 Out-of-bounds Read

Description

In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6762, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8786, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2023-20619

Title

Use after free in vcu

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6762, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8786, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2022-32642

Title

Improper synchronization in ccd

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In ccd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6879, MT6895, MT6983

Affected Software Versions

Android 12.0

CVE

CVE-2022-32643

Title

Improper synchronization in ccd

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In ccd, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6879, MT6895, MT6983

Affected Software Versions

Android 12.0

CVE

CVE-2022-32654

Title

Improper input validation in Wi-Fi driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788

Affected Software Versions

7.6.6.0

CVE

CVE-2022-32655

Title

Improper input validation in Wi-Fi driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788

Affected Software Versions

7.6.6.0

CVE

CVE-2022-32656

Title

Improper input validation in Wi-Fi driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7663, MT7668, MT7682, MT7686, MT7687, MT7697, MT7902, MT7915, MT7916, MT7921, MT7933, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8695, MT8696, MT8788

Affected Software Versions

7.6.6.0

CVE

CVE-2022-32663

Title

Null pointer dereference in Wi-Fi driver

Severity

Medium

Vulnerability Type

DoS

CWE

CWE-476 NULL Pointer Dereference

Description

In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT5221, MT7603, MT7613, MT7615, MT7622, MT7628, MT7629, MT7668, MT7902, MT7915, MT7916, MT7921, MT7981, MT7986, MT8167S, MT8175, MT8362A, MT8365, MT8385, MT8518S, MT8532, MT8788

Affected Software Versions

7.6.6.1

****Vulnerability Type Definition****

Abbreviation

Definition

RCE

Remote Code Execution

EoP

Elevation of Privilege

ID

Information Disclosure

DoS

Denial of Service

N/A

Classification not available

****Versions****

Version

Date

Description

1.0

February 6, 2023

Bulletin published.

****Notes****

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.

Related news

CVE-2022-20455: Android Security Bulletin—February 2023

In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242537431

CVE-2021-31578: Acknowledgements

In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907