In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android

Versions: Android kernel

Android ID: A-147882143

References: M-ALPS04356754

Vulnerable Product |
---|
google android - |
huawei berkeley-l09 firmware |
huawei columbia-al10b firmware |
huawei columbia-l29d firmware |
huawei columbia-tl00b firmware |
huawei columbia-tl00d firmware |
huawei cornell-al00a firmware |
huawei cornell-tl10b firmware |
huawei dura-al00a firmware |
huawei honor 20 pro firmware |
huawei y6 2019 firmware |
huawei nova 3 firmware |
huawei nova 4 firmware |
huawei honor 8a firmware |
huawei honor view 20 firmware |
huawei jakarta-al00a firmware |
huawei katyusha-al00a firmware |
huawei katyusha-al10a firmware |
huawei madrid-al00a firmware |
huawei paris-l29b firmware |
huawei princeton-al10b firmware |
huawei sydney-al00 firmware |
huawei sydney-tl00 firmware |
huawei sydneym-al00 firmware |
huawei tony-al00b firmware |
huawei tony-tl00b firmware |
huawei yale-al00a firmware |
huawei yale-l21a firmware |
huawei yalep-al10b firmware |

MediaTek chipset flaw already exploited in the wild

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw

Google has emitted its latest monthly batch of Android security fixes, addressing a total of 70 CVE-listed vulnerabilities. The March update includes 17 patches for flaws described as critical remote code execution holes, though only one is actually documented due to the other 16 residing in closed-source Qualcomm components. The documented flaw, CVE-2020-0032, lies within the open-source Android media framework that can be exploited by opening a booby-trapped file that Google is disturbingly va...