ГлавнаяУязвимости → CVE-2024-20104
8.4высокая

CVE-2024-20104

Описание

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.

Затрагиваемое ПО
Linuxfoundation YoctoRdkcentral Rdk-bGoogle AndroidOpenwrt OpenwrtMediatek Mt6781Mediatek Mt6789Mediatek Mt6835Mediatek Mt6855Mediatek Mt6878Mediatek Mt6879Mediatek Mt6880Mediatek Mt6886Mediatek Mt6890Mediatek Mt6895Mediatek Mt6897Mediatek Mt6980Mediatek Mt6983Mediatek Mt6985Mediatek Mt6989Mediatek Mt6990Mediatek Mt8188Mediatek Mt8370Mediatek Mt8390Mediatek Mt8676
CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/November-2024