#VU67846 Buffer overflow in MediaTek products - CVE-2022-32591
Published: October 3, 2022
Vulnerability identifier: #VU67846
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-32591
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
MT6580
MT6739
MT6753
MT6757
MT6761
MT6762
MT6763
MT6765
MT6768
MT6789
MT6833
MT6855
MT6879
MT6895
MT6983
MT8321
MT8385
MT8666
MT8675
MT8765
MT8766
MT8768
MT8786
MT8788
MT8789
MT8791
MT6779
MT6781
MT6785
MT6853
MT6853T
MT6873
MT6875
MT6877
MT6885
MT6893
MT8797
MT6580
MT6739
MT6753
MT6757
MT6761
MT6762
MT6763
MT6765
MT6768
MT6789
MT6833
MT6855
MT6879
MT6895
MT6983
MT8321
MT8385
MT8666
MT8675
MT8765
MT8766
MT8768
MT8786
MT8788
MT8789
MT8791
MT6779
MT6781
MT6785
MT6853
MT6853T
MT6873
MT6875
MT6877
MT6885
MT6893
MT8797
Software vendor:
MediaTek
MediaTek
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the ril component. A remote attacker can send specially crafted traffic to the device, trigger memory corruption and perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.