First published: Thu Nov 18 2021(Updated: )
In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.
Credit: security@android.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =10.0 | |
Google Android | =11.0 | |
Mediatek Mt6873 | ||
Mediatek Mt6875 | ||
Mediatek Mt6883 | ||
Mediatek Mt6885 | ||
Mediatek Mt6889 | ||
Mediatek Mt6891 | ||
Mediatek Mt6893 | ||
Mediatek Mt8195 | ||
Mediatek Mt8791 | ||
Mediatek Mt8797 | ||
Mediatek Mt9636 | ||
Mediatek Mt9638 | ||
Mediatek Mt9639 | ||
Mediatek Mt9650 | ||
Mediatek Mt9652 | ||
Mediatek Mt9669 | ||
Mediatek Mt9686 | ||
Mediatek Mt9970 | ||
Mediatek Mt9980 | ||
Mediatek Mt9981 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2021-0629.
The severity of CVE-2021-0629 is high.
CVE-2021-0629 can lead to local escalation of privilege with System execution privileges, and user interaction is not needed for exploitation.
Yes, a patch with patch ID ALPS05776625 is available for CVE-2021-0629.
You can find more information about CVE-2021-0629 at the following reference link: [https://corp.mediatek.com/product-security-bulletin/November-2021](https://corp.mediatek.com/product-security-bulletin/November-2021)