Memory Corruption Vulnerability in MediaTek Products
CVE-2022-20076
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 11 April 2022
What is CVE-2022-20076?
A vulnerability in the ged software from MediaTek has been identified, which involves a potential memory corruption arising from improper error handling. This issue can facilitate local information disclosure, requiring attackers to have system execution privileges for exploitation. Notably, user interaction is unnecessary for the attack to succeed, increasing the risk of exploitation. Proper patches have been developed to address this issue, and users are encouraged to apply the necessary updates.
Affected Version(s)
MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788 Android 10.0, 11.0, 12.0