Описание (на английском; русское — в БДУ выше)
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.
Затрагиваемое ПО
Linuxfoundation YoctoMediatek Software development kitGoogle AndroidOpenwrt OpenwrtMediatek Mt2737Mediatek Mt3603Mediatek Mt6835Mediatek Mt6878Mediatek Mt6886Mediatek Mt6897Mediatek Mt6990Mediatek Mt7902Mediatek Mt7920Mediatek Mt7922Mediatek Mt8365Mediatek Mt8518sMediatek Mt8532Mediatek Mt8666Mediatek Mt8667Mediatek Mt8673Mediatek Mt8755Mediatek Mt8766Mediatek Mt8768Mediatek Mt8775Mediatek Mt8781
CVSS
| Балл | 8.1 — высокая |
| Вектор | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Источники
https://corp.mediatek.com/product-security-bulletin/January-2025