Описание
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*
Одно из
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00018
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-20
CWE-20
Связанные уязвимости
CVSS3: 6.7
github
около 3 лет назад
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518.
EPSS
Процентиль: 4%
0.00018
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-20
CWE-20