CVE-2022-32594: December 2022

December 2022 Product Security Bulletin

Published 2022-12-05

The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek Smartphone, Tablet, AIoT, Smart display, Smart platform and OTT chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least two months before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).

****Summary****

Severity

CVEs

High

CVE-2022-32619, CVE-2022-32594, CVE-2022-32597, CVE-2022-32598, CVE-2022-32596, CVE-2022-32620

Medium

CVE-2022-32595, CVE-2022-32621, CVE-2022-32622, CVE-2022-32624, CVE-2022-32625, CVE-2022-32626, CVE-2022-32628, CVE-2022-32629, CVE-2022-32630, CVE-2022-32631, CVE-2022-32632, CVE-2022-32633, CVE-2022-32634

****Details****

CVE

CVE-2022-32619

Title

Buffer copy without checking size of input (‘classic buffer overflow’) in keyinstall

Severity

High

Vulnerability Type

EoP

CWE

CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)

Description

In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0, 13.0

CVE

CVE-2022-32594

Title

Improper input validation in widevine

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

CVE-2022-32597

Title

Improper input validation in widevine

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

CVE-2022-32598

Title

Improper input validation in widevine

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

CVE-2022-32596

Title

Improper input validation in widevine

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

CVE-2022-32620

Title

Improper access control in mpu

Severity

High

Vulnerability Type

EoP

CWE

CWE-284 Improper Access Control

Description

In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6781, MT6789, MT6833, MT6853, MT6873, MT6877, MT8781, MT8791

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2022-32595

Title

Improper input validation in widevine

Severity

Medium

Vulnerability Type

ID

CWE

CWE-20 Improper Input Validation

Description

In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

CVE-2022-32621

Title

Improper synchronization in isp

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-662 Improper Synchronization

Description

In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6895, MT6983

Affected Software Versions

Android 12.0

CVE

CVE-2022-32622

Title

Improper input validation in gz

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6789, MT6855, MT6879, MT6895, MT6983, MT8781

Affected Software Versions

Android 11.0, 12.0, 13.0

CVE

CVE-2022-32624

Title

Buffer copy without checking size of input (‘classic buffer overflow’) in throttling

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)

Description

In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6789, MT6855, MT6895, MT6983, MT8168, MT8365, MT8781

Affected Software Versions

Android 11.0, 12.0

CVE

CVE-2022-32625

Title

Improper input validation in display

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8675, MT8766, MT8781, MT8791

Affected Software Versions

Android 11.0, 12.0

CVE

CVE-2022-32626

Title

Improper input validation in display

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8766, MT8781, MT8791

Affected Software Versions

Android 11.0, 12.0

CVE

CVE-2022-32628

Title

Improper input validation in isp

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6855, MT6873, MT6877, MT6893, MT8791

Affected Software Versions

Android 12.0

CVE

CVE-2022-32629

Title

Improper input validation in isp

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6855, MT6873, MT6877, MT6893, MT8791

Affected Software Versions

Android 12.0

CVE

CVE-2022-32630

Title

Stack-based buffer overflow in throttling

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6789, MT6855, MT6895, MT6983, MT8781

Affected Software Versions

Android 12.0, 13.0

CVE

CVE-2022-32631

Title

Improper input validation in Wi-Fi

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6873, MT6877, MT6879, MT6883, MT6895, MT6983, MT8168, MT8365, MT8385, MT8666, MT8667, MT8675, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0 and Yocto 3.1

CVE

CVE-2022-32632

Title

Improper input validation in Wi-Fi

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6983, MT7663, MT7668, MT7902, MT7921, MT7933, MT8168, MT8365, MT8518, MT8532, MT8666, MT8667, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0 and Yocto 3.1,3.3

CVE

CVE-2022-32633

Title

Incorrect use of privileged apis in Wi-Fi

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-648 Incorrect Use of Privileged APIs

Description

In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0 and Yocto 3.1,3.3

CVE

CVE-2022-32634

Title

Improper input validation in ccci

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0, 13.0

****Vulnerability Type Definition****

Abbreviation

Definition

RCE

Remote Code Execution

EoP

Elevation of Privilege

ID

Information Disclosure

DoS

Denial of Service

N/A

Classification not available

****Versions****

Version

Date

Description

1.0

December 5, 2022

Bulletin published.

****Notes****

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.