VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 6, 2023· Updated Apr 24, 2025

CVE-2023-32835

CVE-2023-32835

Description

In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Memory corruption in keyinstall due to type confusion allows local escalation of privilege with System execution privileges.

Vulnerability

In keyinstall, a type confusion vulnerability leads to possible memory corruption. The vulnerability is present in certain MediaTek chipsets; exact versions may vary per OEM. Patch ID: ALPS08157918. The issue is documented in the MediaTek November 2023 Product Security Bulletin [1].

Exploitation

Exploitation requires System execution privileges, but no user interaction is needed. The attacker can trigger memory corruption via type confusion in keyinstall. The specific attack vector is not detailed in available references.

Impact

Successful exploitation could lead to local escalation of privilege, allowing an attacker to gain elevated privileges within the system. The potential impact includes full compromise of the device's integrity and confidentiality.

Mitigation

MediaTek has released a security patch (Patch ID: ALPS08157918) as part of the November 2023 bulletin [1]. OEMs are expected to deploy the fix in their updates. Users should apply security updates from their device manufacturer.

References
  1. November 2023

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Mediatek/keyInstallllm-fuzzy
  • MediaTek, Inc./MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798v5
    Range: Android 11.0, 12.0, 13.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.