Possible Firmware Vulnerability in Bluetooth Firmware Could Lead to Local Denial of Service
CVE-2024-20139

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt2737, Mt3605, Mt6985, Mt6989, Mt6990, Mt7925, Mt7927, Mt8518s, Mt8532, Mt8678
Vendor: CVE Published:; 2 December 2024

Summary

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600.

Affected Version(s)

MT2737, MT3605, MT6985, MT6989, MT6990, MT7925, MT7927, MT8518S, MT8532, MT8678 Android 13.0, 14.0, 15.0 / SDK release 3.3 and before / openWRT 23.05 / Yocto 3.3, 4.0, 5.0

References

https://corp.mediatek.com/product-security-bulletin/Decem...

Timeline

Vulnerability published
Dec 2, 2024
Vulnerability Reserved
Nov 2, 2023