Main Vulnerability Database SB2021112504

SB2021112504 - Out-of-bounds write in MediaTek Chipsets

Published: November 25, 2021 Updated: March 7, 2023

Security Bulletin ID SB2021112504

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds write (CVE-ID: CVE-2021-0673)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in AudioManager API. A local administrator can trigger out-of-bounds write and execute arbitrary code on the target system with elevated privileges.

Remediation

Install update from vendor's website.

References

https://research.checkpoint.com/2021/looking-for-vulnerabilities-in-mediatek-audio-dsp/
https://corp.mediatek.com/product-security-bulletin/December-2021

SB2021112504 - Out-of-bounds write in MediaTek Chipsets

Breakdown by Severity

Description

Remediation

References

Please verify you're human