SB2022060636 - Multiple vulnerabilities in MediaTek chipsets
Published: June 6, 2022 Updated: March 7, 2023
Description
This security bulletin contains information about 18 vulnerabilities.
1) Improper Input Validation (CVE-ID: CVE-2022-21755)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to an incorrect bounds check within the WLAN driver. A local privileged application can gain access to sensitive information.
2) Integer overflow (CVE-ID: CVE-2022-21762)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to perform service disruption.
The vulnerability exists due to an integer overflow within the apusys driver. A local privileged application can perform service disruption.
3) Integer overflow (CVE-ID: CVE-2022-21761)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to perform service disruption.
The vulnerability exists due to an integer overflow within the apusys driver. A local privileged application can perform service disruption.
4) Integer overflow (CVE-ID: CVE-2022-21760)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to perform service disruption.
The vulnerability exists due to an integer overflow within the apusys driver. A local privileged application can perform service disruption.
5) Buffer overflow (CVE-ID: CVE-2022-21759)
CWE-ID: CWE-120 - Buffer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within the power service. A local privileged application can execute arbitrary code.
6) Double Free (CVE-ID: CVE-2022-21758)
CWE-ID: CWE-415 - Double Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a double free within ccu. A local privileged application can execute arbitrary code.
7) Resource exhaustion (CVE-ID: CVE-2022-21757)
CWE-ID: CWE-400 - Resource exhaustion
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing count check within the WIFI firmware. A local application can perform service disruption.
8) Improper Input Validation (CVE-ID: CVE-2022-21756)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to an incorrect bounds check within the WLAN driver. A local privileged application can gain access to sensitive information.
9) Improper Input Validation (CVE-ID: CVE-2022-21754)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within the WLAN driver. A local privileged application can execute arbitrary code.
10) Use-after-free (CVE-ID: CVE-2022-21745)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error in the WIFI firmware. A remote attacker can trick the victim into connecting to a malicious hotspot and compromise the vulnerable system.
11) Improper Input Validation (CVE-ID: CVE-2022-21753)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within the WLAN driver. A local privileged application can execute arbitrary code.
12) Improper Input Validation (CVE-ID: CVE-2022-21752)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within the WLAN driver. A local privileged application can execute arbitrary code.
13) Improper Input Validation (CVE-ID: CVE-2022-21751)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within the WLAN driver. A local privileged application can execute arbitrary code.
14) Improper Input Validation (CVE-ID: CVE-2022-21750)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within the WLAN driver. A local privileged application can execute arbitrary code.
15) Improper Access Control (CVE-ID: CVE-2022-21749)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing permission check within telephony. A local application can gain access to sensitive information.
16) Improper Access Control (CVE-ID: CVE-2022-21748)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing permission check within telephony. A local application can gain access to sensitive information.
17) Improper Input Validation (CVE-ID: CVE-2022-21747)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to perform service disruption.
The vulnerability exists due to a missing bounds check within imgsensor. A local privileged application can perform service disruption.
18) Improper Input Validation (CVE-ID: CVE-2022-21746)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged application to perform service disruption.
The vulnerability exists due to a missing bounds check within imgsensor. A local privileged application can perform service disruption.
Remediation
Install the update from the vendor's website.