CVE-2021-0669

Vulnerability

A use-after-free vulnerability exists in the apusys driver of MediaTek chipsets. The flaw occurs when memory is freed but still referenced, leading to potential memory corruption. The affected versions are those prior to the patch identified by ALPS05681550. The vulnerability is present in multiple MediaTek chipsets as listed in the November 2021 security bulletin [1].

Exploitation

An attacker must have System execution privileges on the device. No user interaction is required. The exploitation sequence involves triggering the use-after-free condition in the apusys driver, which can be achieved through a crafted application or system call that manipulates memory management.

Impact

Successful exploitation leads to memory corruption, which can be leveraged to escalate privileges within the System context. The attacker gains the ability to execute arbitrary code at the System privilege level, potentially compromising the entire device.

Mitigation

MediaTek has released a security patch for this vulnerability, identified by ALPS05681550, as part of the November 2021 Product Security Bulletin [1]. Device OEMs have been notified and are expected to distribute the update. Users should apply the latest security patch from their device manufacturer. No workaround is available.