CVE-2021-0632

6.5MEDIUM

Key Information:

Vendor: Google
Status: Mt6739, Mt6761, Mt6762, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6833, Mt6853, Mt6873, Mt6875, Mt6877, Mt6883, Mt6885, Mt6889, Mt6891, Mt6893, Mt8163, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8183, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8735a, Mt8735b, Mt8765, Mt8766, Mt8768, Mt8786, Mt8788, Mt8789, Mt8791, Mt8797
Vendor: CVE Published:; 25 October 2021

Summary

In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383.

Affected Version(s)

MT6739, MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 Android 8.1, 9.0, 10.0, 11.0

References

https://corp.mediatek.com/product-security-bulletin/Octob...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 25, 2021
Vulnerability Reserved
Nov 6, 2020

Collectors

NVD DatabaseMitre Database