exploitDog

CVE-2024-20019

Опубликовано: 04 мар. 2024

Источник: nvd

CVSS3: 5.9

EPSS Низкий

Описание

In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173.

Ссылки

https://corp.mediatek.com/product-security-bulletin/March-2024
Vendor Advisory
https://corp.mediatek.com/product-security-bulletin/March-2024
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:mediatek:software_package:*:*:*:*:*:*:*:*

Версия до 2023.11.10 (включая)

Одно из

cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.0108

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-200

Связанные уязвимости

GHSA-6h38-c284-95hc

CVSS3: 5.9

github

почти 2 года назад

In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173.

EPSS

Процентиль: 77%

0.0108

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-200