CVE-2021-0669

6.7MEDIUM

Key Information:

Vendor: Google
Status: Mt6853, Mt6853t, Mt6873, Mt6875, Mt6877, Mt6883, Mt6885, Mt6889, Mt6891, Mt6893, Mt8195, Mt8791, Mt8797, Mt9636, Mt9638, Mt9639, Mt9650, Mt9652, Mt9669, Mt9686, Mt9970, Mt9980, Mt9981
Vendor: CVE Published:; 18 November 2021

Summary

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ALPS05681550.

Affected Version(s)

MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981 Android 10.0, 11.0

References

https://corp.mediatek.com/product-security-bulletin/Novem...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2021
Vulnerability Reserved
Nov 6, 2020

Collectors

NVD DatabaseMitre Database