In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/March-2024 | Vendor Advisory |
https://corp.mediatek.com/product-security-bulletin/March-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
13 Mar 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-125 |
30 Jan 2025, 15:11
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
References | () https://corp.mediatek.com/product-security-bulletin/March-2024 - Vendor Advisory | |
CPE | cpe:2.3:a:rdkcentral:rdkb:2022q3:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
First Time |
Rdkcentral rdkb
Mediatek mt6855 Mediatek mt8796 Mediatek mt8666 Mediatek mt8789 Mediatek mt6789 Mediatek mt6880 Rdkcentral Mediatek mt8791 Openwrt Mediatek mt8321 Mediatek mt8766 Mediatek mt6989 Mediatek mt8673 Openwrt openwrt Mediatek mt8788 Mediatek mt8667 Mediatek mt6879 Google android Mediatek mt8385 Mediatek mt2737 Mediatek mt6835 Mediatek mt6895 Mediatek mt6890 Mediatek mt6886 Mediatek mt6985 Mediatek mt6980 Linuxfoundation Mediatek mt8797 Linuxfoundation yocto Mediatek mt6990 Mediatek mt8798 Mediatek mt8768 Mediatek mt8765 Mediatek mt8786 Mediatek Mediatek mt8781 Mediatek mt6983 |
21 Nov 2024, 08:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://corp.mediatek.com/product-security-bulletin/March-2024 - | |
Summary |
|
04 Mar 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-04 03:15
Updated : 2025-03-13 14:15
NVD link : CVE-2024-20022
Mitre link : CVE-2024-20022
CVE.ORG link : CVE-2024-20022
JSON object : View
Products Affected
mediatek
- mt8768
- mt6895
- mt6980
- mt8385
- mt8667
- mt6989
- mt6879
- mt8666
- mt8788
- mt8766
- mt6789
- mt6983
- mt2737
- mt6990
- mt8673
- mt8765
- mt6890
- mt6835
- mt8797
- mt8781
- mt6855
- mt6985
- mt6886
- mt8789
- mt8796
- mt8786
- mt8321
- mt6880
- mt8791
- mt8798
openwrt
- openwrt
linuxfoundation
- yocto
- android
rdkcentral
- rdkb
CWE