Memory Corruption Vulnerability in MediaTek Products
CVE-2022-20076
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 11 April 2022
Summary
A vulnerability in the ged software from MediaTek has been identified, which involves a potential memory corruption arising from improper error handling. This issue can facilitate local information disclosure, requiring attackers to have system execution privileges for exploitation. Notably, user interaction is unnecessary for the attack to succeed, increasing the risk of exploitation. Proper patches have been developed to address this issue, and users are encouraged to apply the necessary updates.
Affected Version(s)
MT6580, MT6731, MT6735, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8127, MT8135, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8312C, MT8312D, MT8321, MT8362A, MT8365, MT8382, MT8385, MT8389, MT8392, MT8392_90, MT8665, MT8685, MT8693, MT8735, MT8735B, MT8735M, MT8752, MT8765, MT8783, MT8785, MT8788 Android 10.0, 11.0, 12.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved