Описание
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979.
Затрагиваемое ПО
Linuxfoundation YoctoRdkcentral Rdk-bGoogle AndroidLinux Linux kernelOpenwrt OpenwrtMediatek Mt2713Mediatek Mt6580Mediatek Mt6761Mediatek Mt6762Mediatek Mt6768Mediatek Mt6781Mediatek Mt6789Mediatek Mt6833Mediatek Mt6853Mediatek Mt6853tMediatek Mt6855Mediatek Mt6873Mediatek Mt6875Mediatek Mt6877Mediatek Mt6879Mediatek Mt6883Mediatek Mt6885Mediatek Mt6886Mediatek Mt6889Mediatek Mt6890
CVSS
| Балл | 8.8 — высокая |
| Вектор | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://corp.mediatek.com/product-security-bulletin/April-2024https://corp.mediatek.com/product-security-bulletin/April-2024