CVE-2022-20105

Published: 5/3/2022 Last updated: 8/3/2024 Reserved: 10/12/2021

In MM service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460.

CNA assigner: MediaTek (ee979b05-11f8-4f25-a7e0-a1fa9c190374) Requested by: n/a

Opam packages affected (29)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes ortools_solvers orun rawlink rawlink-eio rawlink-lwt restricted shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
MT9011, MT9215, MT9216, MT9220, MT9221, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9288, MT9600, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9666, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688	MediaTek, Inc.	< 32813321f18d5432cec1b1a6ecc964f9ea26d565

CVE-2022-20105

Opam packages affected (29)

Products affected (1)

References (4)