Double Free Vulnerability in MediaTek Products
CVE-2023-20664
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 6 April 2023
What is CVE-2023-20664?
A vulnerability exists in MediaTek's gz component that allows for a potential double free condition due to a use after free issue. This vulnerability could be exploited for local privilege escalation, requiring system execution privileges. Importantly, the exploitation does not necessitate user interaction, making it particularly concerning for affected environments. Affected users should apply the available patches promptly to mitigate risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8185, MT8188, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891 Android 10.0, 11.0, 12.0, 13.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved