First published: Tue Nov 08 2022(Updated: )
In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262454; Issue ID: ALPS07262454.
Credit: security@mediatek.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =11.0 | |
Google Android | =12.0 | |
Google Android | =13.0 | |
Mediatek Mt6833 | ||
Mediatek Mt6873 | ||
Mediatek Mt6893 | ||
Mediatek Mt8798 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-32618 is a vulnerability in typec that allows for a possible out of bounds write due to an incorrect calculation of buffer size.
The severity of CVE-2022-32618 is medium with a CVSS score of 6.8.
The affected software includes Google Android 11.0, 12.0, and 13.0.
The vulnerability can be exploited by an attacker with physical access to the device, without the need for user interaction.
For information on the fix for CVE-2022-32618, please refer to the reference link provided.