VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 7, 2023· Updated Mar 5, 2025

CVE-2023-20647

CVE-2023-20647

Description

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628547; Issue ID: ALPS07628547.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Out-of-bounds read in MediaTek RIL allows local information disclosure with system privileges.

Vulnerability

In the Radio Interface Layer (RIL) of MediaTek chipsets, an out-of-bounds read vulnerability exists due to a missing bounds check. This affects chipsets as listed in the MediaTek March 2023 Product Security Bulletin [1]. The specific patch ID is ALPS07628547.

Exploitation

An attacker with System execution privileges can trigger the out-of-bounds read without any user interaction. No additional authentication or network access is required, as the vulnerability can be exploited locally.

Impact

Successful exploitation leads to local information disclosure, potentially exposing sensitive data from kernel memory. The attacker gains access to information beyond their authorized level.

Mitigation

MediaTek has released a patch identified as ALPS07628547, included in the March 2023 bulletin [1]. Device manufacturers have been notified; users should apply system updates from their OEM. No workarounds are available if the patch is not yet deployed.

References
  1. March 2023

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Samsung Mobile/RILllm-fuzzy
  • MediaTek, Inc./MT6739, MT6761, MT6762, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797v5
    Range: Android 12.0, 13.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.