CVE-2021-0659
Description
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687559; Issue ID: ALPS05687559.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read in MediaTek apusys allows local attackers with System privileges to disclose sensitive information.
Vulnerability
In the apusys driver of MediaTek chipsets, an incorrect bounds check leads to an out-of-bounds read. This vulnerability affects multiple chipsets as listed in the November 2021 bulletin [1]. The patch ID is ALPS05687559.
Exploitation
An attacker must have System execution privileges (local access) to exploit this vulnerability. No user interaction is required. The attacker can trigger the out-of-bounds read by sending a crafted request to the apusys driver.
Impact
Successful exploitation allows the attacker to read out-of-bounds memory, leading to local information disclosure of sensitive data.
Mitigation
MediaTek released a security patch in the November 2021 Product Security Bulletin [1]. Device OEMs have been notified and should apply the patch. Users should ensure their devices receive the latest security updates.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- apusys/apusysdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- corp.mediatek.com/product-security-bulletin/November-2021mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.