Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20097


In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1630.


Published

2024-10-07T03:15:03.057

Last Modified

2024-10-27T03:35:02.103

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.4 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-125
  • Type: Primary
    CWE-125

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System google android 12.0 Yes
Hardware mediatek mt6761 - No
Hardware mediatek mt6765 - No
Hardware mediatek mt6768 - No
Hardware mediatek mt6785 - No
Hardware mediatek mt6789 - No
Hardware mediatek mt6853 - No
Hardware mediatek mt6873 - No
Hardware mediatek mt6885 - No
Hardware mediatek mt8666 - No
Hardware mediatek mt8667 - No
Hardware mediatek mt8673 - No
Hardware mediatek mt8675 - No
Hardware mediatek mt8678 - No

References