VYPR
Unrated severityNVD Advisory· Published Feb 5, 2024· Updated Jun 20, 2025

CVE-2024-20009

CVE-2024-20009

Description

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MediaTek, Inc./MT6580, MT6739, MT6761, MT6762, MT6765, MT6779, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8185, MT8188, MT8188Tv5
    Range: Android 12.0, 13.0, 14.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.