exploitDog

CVE-2021-0407

Опубликовано: 18 авг. 2021

Источник: nvd

CVSS3: 6.7

CVSS2: 4.6

EPSS Низкий

Описание

In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659.

Ссылки

https://corp.mediatek.com/product-security-bulletin/August-2021
Third Party Advisory
https://corp.mediatek.com/product-security-bulletin/August-2021
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00019

Низкий

6.7 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-6ff7-4wcg-rwpj

github

больше 3 лет назад

In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659.

EPSS

Процентиль: 4%

0.00019

Низкий

6.7 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-787