Out of Bounds Write Vulnerability in Mediatek WLAN Driver
CVE-2024-20146
Key Information:
Summary
A vulnerability has been identified in the Mediatek WLAN STA driver, allowing for a potential out of bounds write due to improper input validation. This flaw could enable attackers to execute arbitrary code remotely, without requiring any additional execution privileges or user interactions. If exploited, this could severely compromise the security of affected systems. Immediate action is recommended to mitigate the risks associated with this type of vulnerability.
Affected Version(s)
MT2737, MT3603, MT6835, MT6878, MT6886, MT6897, MT6990, MT7902, MT7920, MT7922, MT8365, MT8518S, MT8532, MT8666, MT8667, MT8673, MT8755, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8796, MT8798, MT8893 Android 13.0, 14.0, 15.0 / SDK release 2.5 and before / openWRT 23.05 / Yocto 3.3, 4.0, 5.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved