CVE-2021-0903

6.7MEDIUM

Key Information:

Vendor: Google
Status: Mt6873, Mt6875, Mt6877, Mt6883, Mt6885, Mt6889, Mt6891, Mt6893, Mt8195, Mt8791, Mt8797
Vendor: CVE Published:; 17 December 2021

Summary

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656488.

Affected Version(s)

MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797 Android 10.0, 11.0, 12.0

References

https://corp.mediatek.com/product-security-bulletin/Decem...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 17, 2021
Vulnerability Reserved
Nov 6, 2020

Collectors

NVD DatabaseMitre Database