CVE-2024-20125 | MediaTek MT8798 Vdec out-of-bounds write (MSV-1728 / ALPS09046782)

A vulnerability was found in MediaTek MT6580, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8175, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8791T, MT8797 and MT8798 and classified as critical. This issue affects some unknown processing of the component Vdec. The manipulation leads to out-of-bounds write.

The identification of this vulnerability is CVE-2024-20125. An attack has to be approached locally. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-20125 | MediaTek MT8798 Vdec out-of-bounds write (MSV-1728 / ALPS09046782)

Related Posts

CVE-2024-34887 | 1C-Bitrix Bitrix24 23.300.100 AD LDAP Server insufficiently protected credentials

CVE-2024-6357 | OpenText ArcSight Intelligence up to 6.4.12 authorization

CVE-2024-30142 | HCL BigFix Compliance 2.0.11 Session Cookie missing secure attribute (KB0117197)

CVE-2023-43790 | Combodo iTop up to 3.1.0 HTTP Query friendlyname cross site scripting (GHSA-96xm-p83r-hm97)