MediaTek, Inc. MT8791T vAndroid 12.0, 13.0, 14.0, 15.0 - 3 CVEs

CVE-2024-20121

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.

MEDIUM CVSS 6.7 Published Nov 04, 2024

CVE-2024-20120

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575.

MEDIUM CVSS 6.7 Published Nov 04, 2024

CVE-2024-20108

In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.

MEDIUM CVSS 6.7 Published Nov 04, 2024

Version Android 12.0, 13.0, 14.0, 15.0

Known Vulnerabilities

CVE-2024-20121

CVE-2024-20120

CVE-2024-20108