Possible Out-of-Bounds Write Leads to Local Escalation of Privilege
CVE-2024-20134

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt6835, Mt6878, Mt6879, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8755, Mt8775, Mt8796, Mt8798
Vendor: CVE Published:; 2 December 2024

Summary

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.

Affected Version(s)

MT6835, MT6878, MT6879, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8755, MT8775, MT8796, MT8798 Android 13.0, 14.0, 15.0

References

https://corp.mediatek.com/product-security-bulletin/Decem...

Timeline

Vulnerability published
Dec 2, 2024
Vulnerability Reserved
Nov 2, 2023