CVE-2024-20108 | MediaTek MT8798 Atci out-of-bounds write (MSV-1774 / ALPS09082988)

A vulnerability was found in MediaTek MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8792, MT8795T, MT8796, MT8797 and MT8798. It has been classified as critical. This affects an unknown part of the component Atci. The manipulation leads to out-of-bounds write.

This vulnerability is uniquely identified as CVE-2024-20108. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-20108 | MediaTek MT8798 Atci out-of-bounds write (MSV-1774 / ALPS09082988)

Post correlati

CVE-2024-8482 | Royal Elementor Addons and Templates Plugin up to 1.3.986 on WordPress Team Member Widget cross site scripting

CVE-2022-48831 | Linux Kernel up to 5.15.23/5.16.9 ima asymmetric_verify denial of service (0838d6d68182/89f586d3398f/926fd9f23b27)

CVE-2024-20515 | Cisco Identity Services Engine Software 2.7.0 p8 up to 3.3.0 Web-based Management Interface missing encryption (cisco-sa-ise-info-disc-ZYF2nEEX)

CVE-2024-32458 | FreeRDP up to 2.11.5/3.4.x out-of-bounds (GHSA-vvr6-h646-mp4p)