CVE-2023-20640
Description
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629573; Issue ID: ALPS07629573.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds write in the MediaTek ril component allows local escalation of privilege with System execution privileges; patch ID ALPS07629573.
Vulnerability
An out-of-bounds write vulnerability exists in the ril component of MediaTek chipsets due to a missing bounds check. This issue is present in software versions prior to the March 2023 security patch [1]. The vulnerability is identified by patch ID ALPS07629573 and is classified as Medium severity in the March 2023 MediaTek Product Security Bulletin [1].
Exploitation
An attacker with System execution privileges can trigger the vulnerability by sending crafted input to the ril component, which lacks the necessary bounds check. No user interaction is needed for exploitation. The exact attack vector is not detailed in public references, but it requires local access and System-level permissions.
Impact
Successful exploitation allows the attacker to cause an out-of-bounds write, potentially corrupting memory. This can lead to local escalation of privilege, enabling the attacker to execute arbitrary code at a higher privilege level within the system.
Mitigation
The issue is fixed by patch ALPS07629573, which is included in the March 2023 MediaTek security bulletin [1]. Device OEMs were notified at least two months prior to publication. Users should apply the latest security updates from their device manufacturer. No workaround is available.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
MediaTek, Inc. / MT6879, MT6895, MT6983, MT8791, MT8791T, MT8797 (v5)
Range: Android 12.0, 13.0
Patches
No patches discovered yet.