Vendor CVEs
Mediatek
All CVEs
447 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10282 | Hig | 0.46 | 7.0 | 0.00 | May 12, 2017 | An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:… | ||
| CVE-2017-0566 | Hig | 0.46 | 7.0 | 0.01 | Apr 7, 2017 | An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0565 | Hig | 0.46 | 7.0 | 0.01 | Apr 7, 2017 | An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:… | ||
| CVE-2017-0517 | Hig | 0.46 | 7.0 | 0.01 | Mar 8, 2017 | An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:… | ||
| CVE-2017-0432 | Hig | 0.46 | 7.0 | 0.02 | Feb 8, 2017 | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8448 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires… | ||
| CVE-2016-8447 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires… | ||
| CVE-2016-8446 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires… | ||
| CVE-2016-8445 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires… | ||
| CVE-2016-6785 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-6783 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-6782 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-6781 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2026-20453 | Med | 0.44 | 6.7 | 0.00 | Jun 1, 2026 | In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue… | ||
| CVE-2026-20451 | Med | 0.44 | 6.7 | 0.00 | May 4, 2026 | In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504. | ||
| CVE-2026-20448 | Med | 0.44 | 6.7 | 0.00 | May 4, 2026 | In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513;… | ||
| CVE-2026-20447 | Med | 0.44 | 6.7 | 0.00 | May 4, 2026 | In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073;… | ||
| CVE-2026-20454 | Med | 0.42 | 6.4 | 0.00 | Jun 1, 2026 | In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID:… | ||
| CVE-2026-20450 | Med | 0.42 | 6.5 | 0.00 | May 4, 2026 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2026-20449 | Med | 0.42 | 6.5 | 0.00 | May 4, 2026 | In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2026-20431 | Med | 0.42 | 6.5 | 0.00 | Apr 7, 2026 | In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2026-20456 | Med | 0.36 | 5.5 | 0.00 | Jun 1, 2026 | In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338. | ||
| CVE-2025-23160 | Med | 0.36 | 5.5 | 0.00 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor (SCP) the mtk_scp structure has to be removed explicitly to… | ||
| CVE-2017-0625 | Med | 0.36 | 5.5 | 0.00 | May 12, 2017 | An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user… | ||
| CVE-2017-0529 | Med | 0.36 | 5.5 | 0.00 | Mar 8, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:… | ||
| CVE-2016-8396 | Med | 0.36 | 5.5 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.… | ||
| CVE-2016-3816 | Med | 0.36 | 5.5 | 0.00 | Jul 11, 2016 | The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240. | ||
| CVE-2016-3812 | Med | 0.36 | 5.5 | 0.00 | Jul 11, 2016 | The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832. | ||
| CVE-2017-0532 | Med | 0.31 | 4.7 | 0.00 | Mar 8, 2017 | An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8472 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8471 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8470 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2026-20446 | Med | 0.28 | 4.3 | 0.00 | Apr 7, 2026 | In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID:… | ||
| CVE-2020-0069 | 0.12 | — | 0.01 | KEV | Mar 10, 2020 | In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User… | ||
| CVE-2026-20411 | 0.00 | — | 0.00 | Feb 2, 2026 | In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737. | |||
| CVE-2025-20762 | 0.00 | — | 0.00 | Jan 6, 2026 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for… | |||
| CVE-2023-54143 | 0.00 | — | 0.00 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init() If we encounter any error in the vdec_msg_queue_init() then we need to set "msg_queue->wdma_addr.size = 0;". Normally, this is done inside… | |||
| CVE-2023-53854 | 0.00 | — | 0.00 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver… | |||
| CVE-2023-53812 | 0.00 | — | 0.00 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix decoder disable pm crash Can't call pm_runtime_disable when the architecture support sub device for 'dev->pm.dev' is NUll, or will get below crash log. [ 10.771551] pc :… | |||
| CVE-2025-20791 | 0.00 | — | 0.00 | Dec 2, 2025 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for… | |||
| CVE-2025-20747 | 0.00 | — | 0.00 | Nov 4, 2025 | In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443;… | |||
| CVE-2025-20726 | 0.00 | — | 0.00 | Nov 4, 2025 | In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is… | |||
| CVE-2023-53274 | 0.00 | — | 0.00 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183, the SSPM related clocks were removed claiming a lack of usage. This however… | |||
| CVE-2025-38662 | 0.00 | — | 0.00 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv Given mt8365_dai_set_priv allocate priv_size space to copy priv_data which means we should pass mt8365_i2s_priv[i] or "struct… | |||
| CVE-2024-52924 | 0.00 | — | 0.00 | Mar 6, 2025 | An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the… | |||
| CVE-2024-20147 | 0.00 | — | 0.00 | Feb 3, 2025 | In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX… | |||
| CVE-2024-48883 | 0.00 | — | 0.00 | Jan 13, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling… | |||
| CVE-2017-13308 | 0.00 | — | 0.00 | Dec 5, 2024 | In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for… | |||
| CVE-2018-9398 | 0.00 | — | 0.00 | Dec 4, 2024 | In fm_set_stat of mediatek FM radio driver, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2018-9368 | 0.00 | — | 0.00 | Nov 19, 2024 | In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. |
- risk 0.46cvss 7.0epss 0.00
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…
- risk 0.46cvss 7.0epss 0.02
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.44cvss 6.7epss 0.00
In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue…
- risk 0.44cvss 6.7epss 0.00
In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.
- risk 0.44cvss 6.7epss 0.00
In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513;…
- risk 0.44cvss 6.7epss 0.00
In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073;…
- risk 0.42cvss 6.4epss 0.00
In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID:…
- risk 0.42cvss 6.5epss 0.00
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…
- risk 0.42cvss 6.5epss 0.00
In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…
- risk 0.42cvss 6.5epss 0.00
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…
- risk 0.36cvss 5.5epss 0.00
In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338.
- risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor (SCP) the mtk_scp structure has to be removed explicitly to…
- risk 0.36cvss 5.5epss 0.00
An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user…
- risk 0.36cvss 5.5epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…
- risk 0.36cvss 5.5epss 0.00
An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.…
- risk 0.36cvss 5.5epss 0.00
The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240.
- risk 0.36cvss 5.5epss 0.00
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832.
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.28cvss 4.3epss 0.00
In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID:…
- risk 0.12cvss —epss 0.01
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User…
- CVE-2026-20411Feb 2, 2026risk 0.00cvss —epss 0.00
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737.
- CVE-2025-20762Jan 6, 2026risk 0.00cvss —epss 0.00
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…
- CVE-2023-54143Dec 24, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init() If we encounter any error in the vdec_msg_queue_init() then we need to set "msg_queue->wdma_addr.size = 0;". Normally, this is done inside…
- CVE-2023-53854Dec 9, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver…
- CVE-2023-53812Dec 9, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix decoder disable pm crash Can't call pm_runtime_disable when the architecture support sub device for 'dev->pm.dev' is NUll, or will get below crash log. [ 10.771551] pc :…
- CVE-2025-20791Dec 2, 2025risk 0.00cvss —epss 0.00
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…
- CVE-2025-20747Nov 4, 2025risk 0.00cvss —epss 0.00
In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443;…
- CVE-2025-20726Nov 4, 2025risk 0.00cvss —epss 0.00
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…
- CVE-2023-53274Sep 16, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183, the SSPM related clocks were removed claiming a lack of usage. This however…
- CVE-2025-38662Aug 22, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv Given mt8365_dai_set_priv allocate priv_size space to copy priv_data which means we should pass mt8365_i2s_priv[i] or "struct…
- CVE-2024-52924Mar 6, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the…
- CVE-2024-20147Feb 3, 2025risk 0.00cvss —epss 0.00
In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX…
- CVE-2024-48883Jan 13, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling…
- CVE-2017-13308Dec 5, 2024risk 0.00cvss —epss 0.00
In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for…
- CVE-2018-9398Dec 4, 2024risk 0.00cvss —epss 0.00
In fm_set_stat of mediatek FM radio driver, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2018-9368Nov 19, 2024risk 0.00cvss —epss 0.00
In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.
Page 2 of 9