First published: Mon Aug 07 2023(Updated: )
In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07147572; Issue ID: ALPS07421076.
Credit: security@mediatek.com security@mediatek.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =12.0 | |
Google Android | =13.0 | |
Mediatek Mt2713 | ||
Mediatek Mt6855 | ||
Mediatek Mt6879 | ||
Mediatek Mt6886 | ||
Mediatek Mt6895 | ||
Mediatek Mt6983 | ||
Mediatek Mt6985 | ||
Mediatek Mt8188 | ||
Mediatek Mt8195 | ||
Mediatek Mt8395 | ||
Mediatek Mt8673 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-20798 is a vulnerability in pda where there is a potential out-of-bounds read due to an incorrect calculation of buffer size.
The severity of CVE-2023-20798 is medium with a CVSS score of 4.4.
CVE-2023-20798 affects Google Android versions 12.0 and 13.0.
No, user interaction is not needed for exploitation of CVE-2023-20798.
To fix CVE-2023-20798, apply the patch with ID ALPS07147572 or ALPS07421076.