In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.
References
| Link | Resource |
|---|---|
| https://corp.mediatek.com/product-security-bulletin/March-2024 | Vendor Advisory |
| https://corp.mediatek.com/product-security-bulletin/March-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
22 Apr 2025, 20:36
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://corp.mediatek.com/product-security-bulletin/March-2024 - Vendor Advisory | |
| CPE | cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:* |
|
| First Time |
Mediatek mt6980
Rdkcentral Openwrt openwrt Mediatek mt2737 Linuxfoundation Mediatek mt6985 Mediatek mt6855 Mediatek mt6835 Openwrt Mediatek mt8676 Mediatek mt6781 Mediatek mt6879 Mediatek mt8370 Mediatek mt6983 Mediatek mt6890 Mediatek mt6895 Mediatek mt2713 Linuxfoundation yocto Mediatek mt6886 Mediatek mt8678 Mediatek mt6990 Mediatek mt6789 Mediatek Rdkcentral rdk-b Mediatek mt6989 Mediatek mt8673 Google android Mediatek mt8188t Mediatek mt8188 Mediatek mt6880 Mediatek mt8390 |
Information
Published : 2024-03-04 03:15
Updated : 2025-04-22 20:36
NVD link : CVE-2024-20023
Mitre link : CVE-2024-20023
CVE.ORG link : CVE-2024-20023
JSON object : View
Products Affected
mediatek
- mt6890
- mt6989
- mt6789
- mt8678
- mt6895
- mt2737
- mt8188t
- mt8390
- mt6879
- mt8188
- mt6886
- mt6781
- mt6980
- mt6835
- mt8370
- mt6855
- mt2713
- mt6990
- mt8676
- mt6985
- mt6880
- mt8673
- mt6983
- android
linuxfoundation
- yocto
rdkcentral
- rdk-b
openwrt
- openwrt
CWE
CWE-787
Out-of-bounds Write