CVE-2023-20677

State: PUBLISHED · Published: 2023-04-06 · Updated: 2024-10-23 · Assigner: MediaTek

Description

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436.

CWE

CWE-125 — CWE-125 Out-of-bounds Read

Affected

MediaTek, Inc. / MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798 — v=Android 11.0, 12.0, 13.0 / Yocto 3.1, 3.3, 4.0 / Linux-4.19 (for MT5221, MT7663, MT7668, MT7902 and MT7921 chipsets only) [affected]

CVSS

(none)

References

https://corp.mediatek.com/product-security-bulletin/April-2023

Source

cvelistV5-main/cves/2023/20xxx/CVE-2023-20677.json