Out of Bounds Write Vulnerability in MediaTek GPS Services
CVE-2022-32635
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 3 January 2023
What is CVE-2022-32635?
A vulnerability exists in MediaTek's GPS services which allows for a possible out of bounds write due to a missing bounds check. This flaw could enable local escalation of privilege without the need for additional execution privileges, and does not require user interaction to exploit. Users and administrators are encouraged to apply the available patches to mitigate this issue.
Affected Version(s)
MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 Android 10.0, 11.0, 12.0, 13.0