Multiple vulnerabilities in Unisoc chipsets



Risk Low
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2024-39440
CVE-2024-39439
CVE-2024-39438
CVE-2024-39437
CVE-2024-39436
CWE-ID CWE-476
CWE-787
CWE-77
Exploitation vector Local
Public exploit N/A
Vulnerable software
T606
Mobile applications / Mobile firmware & hardware

T612
Mobile applications / Mobile firmware & hardware

T616
Mobile applications / Mobile firmware & hardware

T610
Mobile applications / Mobile firmware & hardware

T618
Mobile applications / Mobile firmware & hardware

T760
Mobile applications / Mobile firmware & hardware

T770
Mobile applications / Mobile firmware & hardware

T820
Mobile applications / Mobile firmware & hardware

S8000
Mobile applications / Mobile firmware & hardware

SC7731E
Mobile applications / Mobile firmware & hardware

SC9832E
Mobile applications / Mobile firmware & hardware

SC9863A
Mobile applications / Mobile firmware & hardware

T310
Mobile applications / Mobile firmware & hardware

Vendor UNISOC

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) NULL Pointer Dereference

EUVDB-ID: #VU99644

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39440

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to a possible system crash due to null pointer dereference within the DRM service in Android. A local application can perform a denial of service (DoS) attack.

Mitigation

Install security update from vendor's website.

Vulnerable software versions

T606: All versions

T612: All versions

T616: All versions

T610: All versions

T618: All versions

T760: All versions

T770: All versions

T820: All versions

S8000: All versions

CPE2.3 External links

http://www.unisoc.com/en_us/secy/announcementDetail/1849647141752995841


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU99645

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39439

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to a possible out of bounds write due to a missing bounds check within the DRM service in Android. A local application can perform a denial of service (DoS) attack.

Mitigation

Install security update from vendor's website.

Vulnerable software versions

T606: All versions

T612: All versions

T616: All versions

T610: All versions

T618: All versions

T760: All versions

T770: All versions

T820: All versions

S8000: All versions

CPE2.3 External links

http://www.unisoc.com/en_us/secy/announcementDetail/1849647141752995841


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Command injection

EUVDB-ID: #VU99646

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39438

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a possible command injection due to improper input validation within the linkturbonative service in Android. A local privileged application can execute arbitrary code.

Mitigation

Install security update from vendor's website.

Vulnerable software versions

SC7731E: All versions

SC9832E: All versions

SC9863A: All versions

T310: All versions

T606: All versions

T612: All versions

T616: All versions

T610: All versions

T618: All versions

T760: All versions

T770: All versions

T820: All versions

S8000: All versions

CPE2.3 External links

http://www.unisoc.com/en_us/secy/announcementDetail/1849647141752995841


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Command injection

EUVDB-ID: #VU99647

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39437

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a possible command injection due to improper input validation within the linkturbonative service in Android. A local privileged application can execute arbitrary code.

Mitigation

Install security update from vendor's website.

Vulnerable software versions

SC7731E: All versions

SC9832E: All versions

SC9863A: All versions

T310: All versions

T606: All versions

T612: All versions

T616: All versions

T610: All versions

T618: All versions

T760: All versions

T770: All versions

T820: All versions

S8000: All versions

CPE2.3 External links

http://www.unisoc.com/en_us/secy/announcementDetail/1849647141752995841


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Command injection

EUVDB-ID: #VU99648

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39436

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to a possible command injection due to improper input validation within the linkturbonative service in Android. A local privileged application can execute arbitrary code.

Mitigation

Install security update from vendor's website.

Vulnerable software versions

SC7731E: All versions

SC9832E: All versions

SC9863A: All versions

T310: All versions

T606: All versions

T612: All versions

T616: All versions

T610: All versions

T618: All versions

T760: All versions

T770: All versions

T820: All versions

S8000: All versions

CPE2.3 External links

http://www.unisoc.com/en_us/secy/announcementDetail/1849647141752995841


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###