Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754

Published

2020-03-10T20:15:21.947

Last Modified

2025-10-23T14:52:54.557

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	google	android	-	Yes
Operating System	huawei	berkeley-l09_firmware	< 10.0.0.177\(c10e3r1p4\)	Yes
Hardware	huawei	berkeley-l09	-	No
Operating System	huawei	columbia-al10b_firmware	< 10.0.0.178\(c00e178r1p4\)	Yes
Hardware	huawei	columbia-al10b	-	No
Operating System	huawei	columbia-l29d_firmware	< 10.0.0.177\(c10e4r1p4\)	Yes
Hardware	huawei	columbia-l29d	-	No
Operating System	huawei	columbia-tl00b_firmware	< 10.0.0.178\(c01e178r1p4\)	Yes
Hardware	huawei	columbia-tl00b	-	No
Operating System	huawei	columbia-tl00d_firmware	< 10.0.0.178\(c01e178r1p4\)	Yes
Hardware	huawei	columbia-tl00d	-	No
Operating System	huawei	cornell-al00a_firmware	< 9.1.0.340\(c00e333r1p1t8\)	Yes
Hardware	huawei	cornell-al00a	-	No
Operating System	huawei	cornell-tl10b_firmware	< 9.1.0.340\(c01e333r1p1t8\)	Yes
Hardware	huawei	cornell-tl10b	-	No
Operating System	huawei	dura-al00a_firmware	< 1.0.0.190\(c00\)	Yes
Hardware	huawei	dura-al00a	-	No
Operating System	huawei	honor_20_pro_firmware	< 10.0.0.194\(c636e3r3p1\)	Yes
Hardware	huawei	honor_20_pro	-	No
Operating System	huawei	y6_2019_firmware	< 9.1.0.290\(c185e5r4p1\)	Yes
Hardware	huawei	y6_2019	-	No
Operating System	huawei	nova_3_firmware	< 9.1.0.338\(c00e333r1p1t8\)	Yes
Hardware	huawei	nova_3	-	No
Operating System	huawei	nova_4_firmware	< 10.0.0.160\(c01e32r2p4\)	Yes
Hardware	huawei	nova_4	-	No
Operating System	huawei	honor_8a_firmware	< 9.1.0.291\(c185e3r4p1\)	Yes
Hardware	huawei	honor_8a	-	No
Operating System	huawei	honor_view_20_firmware	< 10.0.0.198\(c432e10r3p4\)	Yes
Hardware	huawei	honor_view_20	-	No
Operating System	huawei	jakarta-al00a_firmware	< 9.1.0.251\(c00e106r2p2\)	Yes
Hardware	huawei	jakarta-al00a	-	No
Operating System	huawei	katyusha-al00a_firmware	< 9.1.0.146\(c00e131r2p2\)	Yes
Hardware	huawei	katyusha-al00a	-	No
Operating System	huawei	katyusha-al10a_firmware	< 9.1.0.160\(c00e150r1p7\)	Yes
Hardware	huawei	katyusha-al10a	-	No
Operating System	huawei	madrid-al00a_firmware	< 9.1.0.261\(c00e120r4p1\)	Yes
Hardware	huawei	madrid-al00a	-	No
Operating System	huawei	paris-l29b_firmware	< 9.1.0.380\(c636e1r1p3t8\)	Yes
Hardware	huawei	paris-l29b	-	No
Operating System	huawei	princeton-al10b_firmware	< 10.0.0.194\(c00e61r4p11\)	Yes
Hardware	huawei	princeton-al10b	-	No
Operating System	huawei	sydney-al00_firmware	< 9.1.0.237\(c00e80r1p7t8\)	Yes
Hardware	huawei	sydney-al00	-	No
Operating System	huawei	sydney-tl00_firmware	< 9.1.0.237\(c01e80r1p7t8\)	Yes
Hardware	huawei	sydney-tl00	-	No
Operating System	huawei	sydneym-al00_firmware	< 10.0.0.159\(c00e64r1p5\)	Yes
Hardware	huawei	sydneym-al00	-	No
Operating System	huawei	tony-al00b_firmware	< 10.1.0.137\(c00e137r2p11\)	Yes
Hardware	huawei	tony-al00b	-	No
Operating System	huawei	tony-tl00b_firmware	< 10.0.0.196\(c01e65r2p11\)	Yes
Hardware	huawei	tony-tl00b	-	No
Operating System	huawei	yale-al00a_firmware	< 10.0.0.196\(c00e62r8p12\)	Yes
Hardware	huawei	yale-al00a	-	No
Operating System	huawei	yale-l21a_firmware	< 10.0.0.202\(c10e3r3p2\)	Yes
Hardware	huawei	yale-l21a	-	No
Operating System	huawei	yalep-al10b_firmware	< 10.0.0.194\(c00e62r8p12\)	Yes
Hardware	huawei	yalep-al10b	-	No
Operating System	huawei	columbia-l29d_firmware	< 10.0.0.177\(c432e3r1p4\)	Yes
Hardware	huawei	columbia-l29d	-	No
Operating System	huawei	honor_20_pro_firmware	< 10.0.0.202\(c10e3r3p2\)	Yes
Hardware	huawei	honor_20_pro	-	No
Operating System	huawei	y6_2019_firmware	< 9.1.0.290\(c431e1r1p8\)	Yes
Hardware	huawei	y6_2019	-	No
Operating System	huawei	y6_2019_firmware	< 9.1.0.290\(c605e6r1p6\)	Yes
Hardware	huawei	y6_2019	-	No
Operating System	huawei	y6_2019_firmware	< 9.1.0.295\(c431e5r2p2\)	Yes
Hardware	huawei	y6_2019	-	No
Operating System	huawei	honor_8a_firmware	< 9.1.0.291\(c432e5r2p1\)	Yes
Hardware	huawei	honor_8a	-	No
Operating System	huawei	honor_8a_firmware	< 9.1.0.291\(c636e4r4p1\)	Yes
Hardware	huawei	honor_8a	-	No
Operating System	huawei	honor_8a_firmware	< 9.1.0.297\(c605e4r4p2\)	Yes
Hardware	huawei	honor_8a	-	No
Operating System	huawei	honor_view_20_firmware	< 10.0.0.200\(c185e3r3p3\)	Yes
Hardware	huawei	honor_view_20	-	No
Operating System	huawei	honor_view_20_firmware	< 10.0.0.201\(c10e5r4p3\)	Yes
Hardware	huawei	honor_view_20	-	No

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en Vendor Advisory ([email protected])
https://source.android.com/security/bulletin/2020-03-01 Vendor Advisory ([email protected])
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://source.android.com/security/bulletin/2020-03-01 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0069 Third Party Advisory, US Government Resource (134c704f-9b21-4f2e-91b3-4a467353bcc0)