CVE-2023-32827

State: PUBLISHED · Published: 2023-10-02 · Updated: 2024-09-21 · Assigner: MediaTek

Description

In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539.

CWE

CWE-787 — CWE-787 Out-of-bounds Write
CWE-20 — CWE-20 Improper Input Validation

Affected

MediaTek, Inc. / MT6879, MT6886, MT6895, MT6983, MT6985, MT6989, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 — v=Android 12.0, 13.0 [affected]

CVSS

(none)

References

https://corp.mediatek.com/product-security-bulletin/October-2023

Source

cvelistV5-main/cves/2023/32xxx/CVE-2023-32827.json