Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32828


In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817.


Published

2023-10-02T03:15:10.137

Last Modified

2024-11-21T08:04:07.790

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-190
  • Type: Secondary
    CWE-190

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application mediatek iot_yocto 23.0 Yes
Operating System google android 12.0 Yes
Hardware mediatek mt6771 - No
Hardware mediatek mt6779 - No
Hardware mediatek mt6785 - No
Hardware mediatek mt6853 - No
Hardware mediatek mt6853t - No
Hardware mediatek mt6873 - No
Hardware mediatek mt6877 - No
Hardware mediatek mt6885 - No
Hardware mediatek mt6891 - No
Hardware mediatek mt6893 - No
Hardware mediatek mt8183 - No
Hardware mediatek mt8188 - No
Hardware mediatek mt8195 - No
Hardware mediatek mt8390 - No
Hardware mediatek mt8395 - No

References