CVE-2022-20105

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 03-05-2022 11:15

Last modified: - 12-05-2022 04:10

Total changes: - 3

Description

In MM service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

High

Privileges required

Unchanged

Scope

None

User interaction

6.7

Base score

0.8

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=google AND product=android AND version=9.0

vendor=google AND product=android AND version=10.0

vendor=google AND product=android AND version=11.0

vendor=mediatek AND product=mt9629 AND version=-

vendor=mediatek AND product=mt9631 AND version=-

vendor=mediatek AND product=mt9632 AND version=-

vendor=mediatek AND product=mt9636 AND version=-

vendor=mediatek AND product=mt9638 AND version=-

vendor=mediatek AND product=mt9639 AND version=-

vendor=mediatek AND product=mt9650 AND version=-

vendor=mediatek AND product=mt9652 AND version=-

vendor=mediatek AND product=mt9669 AND version=-

vendor=mediatek AND product=mt9670 AND version=-

vendor=mediatek AND product=mt9011 AND version=-

vendor=mediatek AND product=mt9215 AND version=-

vendor=mediatek AND product=mt9216 AND version=-

vendor=mediatek AND product=mt9220 AND version=-

vendor=mediatek AND product=mt9221 AND version=-

vendor=mediatek AND product=mt9255 AND version=-

vendor=mediatek AND product=mt9256 AND version=-

vendor=mediatek AND product=mt9266 AND version=-

vendor=mediatek AND product=mt9269 AND version=-

vendor=mediatek AND product=mt9285 AND version=-

vendor=mediatek AND product=mt9286 AND version=-

vendor=mediatek AND product=mt9288 AND version=-

vendor=mediatek AND product=mt9600 AND version=-

vendor=mediatek AND product=mt9602 AND version=-

vendor=mediatek AND product=mt9610 AND version=-

vendor=mediatek AND product=mt9611 AND version=-

vendor=mediatek AND product=mt9675 AND version=-

vendor=mediatek AND product=mt9685 AND version=-

vendor=mediatek AND product=mt9686 AND version=-

vendor=mediatek AND product=mt9688 AND version=-

vendor=mediatek AND product=mt9612 AND version=-

vendor=mediatek AND product=mt9613 AND version=-

vendor=mediatek AND product=mt9615 AND version=-

vendor=mediatek AND product=mt9617 AND version=-

vendor=mediatek AND product=mt9630 AND version=-

vendor=mediatek AND product=mt9666 AND version=-

AND

vendor=linux AND product=linux_kernel AND version=4.9

vendor=linux AND product=linux_kernel AND version=4.19

vendor=mediatek AND product=mt9629 AND version=-

vendor=mediatek AND product=mt9631 AND version=-

vendor=mediatek AND product=mt9632 AND version=-

vendor=mediatek AND product=mt9636 AND version=-

vendor=mediatek AND product=mt9638 AND version=-

vendor=mediatek AND product=mt9639 AND version=-

vendor=mediatek AND product=mt9650 AND version=-

vendor=mediatek AND product=mt9652 AND version=-

vendor=mediatek AND product=mt9669 AND version=-

vendor=mediatek AND product=mt9670 AND version=-

vendor=mediatek AND product=mt9011 AND version=-

vendor=mediatek AND product=mt9215 AND version=-

vendor=mediatek AND product=mt9216 AND version=-

vendor=mediatek AND product=mt9220 AND version=-

vendor=mediatek AND product=mt9221 AND version=-

vendor=mediatek AND product=mt9255 AND version=-

vendor=mediatek AND product=mt9256 AND version=-

vendor=mediatek AND product=mt9266 AND version=-

vendor=mediatek AND product=mt9269 AND version=-

vendor=mediatek AND product=mt9285 AND version=-

vendor=mediatek AND product=mt9286 AND version=-

vendor=mediatek AND product=mt9288 AND version=-

vendor=mediatek AND product=mt9600 AND version=-

vendor=mediatek AND product=mt9602 AND version=-

vendor=mediatek AND product=mt9610 AND version=-

vendor=mediatek AND product=mt9611 AND version=-

vendor=mediatek AND product=mt9675 AND version=-

vendor=mediatek AND product=mt9685 AND version=-

vendor=mediatek AND product=mt9686 AND version=-

vendor=mediatek AND product=mt9688 AND version=-

vendor=mediatek AND product=mt9612 AND version=-

vendor=mediatek AND product=mt9613 AND version=-

vendor=mediatek AND product=mt9615 AND version=-

vendor=mediatek AND product=mt9617 AND version=-

vendor=mediatek AND product=mt9630 AND version=-

vendor=mediatek AND product=mt9666 AND version=-

Reference

https://corp.mediatek.com/product-security-bulletin/May-2022

Keywords

CVE-2022-20105

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-20105

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures