CVE-2023-32829: Integer Overflow
First published: Mon Oct 02 2023(Updated: )
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.
Credit: security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Yocto Project | =3.1 | |
| Yocto Project | =3.3 | |
| Yocto Project | =4.0 | |
| MediaTek IoT Yocto | =23.0 | |
| Android | =12.0 | |
| Android | =13.0 | |
| Any of | ||
| MediaTek MT6879 | ||
| MediaTek MT6886 | ||
| MediaTek MT6891 | ||
| MediaTek MT6895 | ||
| MediaTek MT6896 | ||
| MediaTek MT6983 | ||
| MediaTek MT6985T | ||
| MediaTek MT8137 | ||
| MediaTek MT8139 | ||
| MediaTek MT8188 | ||
| MediaTek MT8195Z | ||
| MediaTek MT8195Z | ||
| MediaTek MT8390 | ||
| MediaTek MT8395 | ||
| Yocto Project | =3.1 | |
| Yocto Project | =3.3 | |
| Yocto Project | =4.0 | |
| MediaTek IoT Yocto | =23.0 | |
| Android | =12.0 | |
| Android | =13.0 | |
| MediaTek MT6879 | ||
| MediaTek MT6886 | ||
| MediaTek MT6891 | ||
| MediaTek MT6895 | ||
| MediaTek MT6896 | ||
| MediaTek MT6983 | ||
| MediaTek MT6985T | ||
| MediaTek MT8137 | ||
| MediaTek MT8139 | ||
| MediaTek MT8188 | ||
| MediaTek MT8195Z | ||
| MediaTek MT8195Z | ||
| MediaTek MT8390 | ||
| MediaTek MT8395 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2023-32829.
What is the severity level of CVE-2023-32829?
The severity level of CVE-2023-32829 is medium.
How can this vulnerability be exploited?
This vulnerability can be exploited locally without user interaction.
What software versions are affected by CVE-2023-32829?
The affected software versions are Linuxfoundation Yocto 3.1, Linuxfoundation Yocto 3.3, Linuxfoundation Yocto 4.0, Mediatek Iot Yocto 23.0, Google Android 12.0, and Google Android 13.0.
How can I fix CVE-2023-32829?
To fix CVE-2023-32829, apply the relevant patch provided by the vendor.
- agent/type
- agent/severity
- agent/references
- agent/event
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/weakness
- agent/author
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/linuxfoundation
- canonical/yocto project
- version/yocto project/3.1
- version/yocto project/3.3
- version/yocto project/4.0
- vendor/mediatek
- canonical/mediatek iot yocto
- version/mediatek iot yocto/23.0
- vendor/google
- canonical/android
- version/android/12.0
- version/android/13.0
- canonical/mediatek mt6879
- canonical/mediatek mt6886
- canonical/mediatek mt6891
- canonical/mediatek mt6895
- canonical/mediatek mt6896
- canonical/mediatek mt6983
- canonical/mediatek mt6985t
- canonical/mediatek mt8137
- canonical/mediatek mt8139
- canonical/mediatek mt8188
- canonical/mediatek mt8195z
- canonical/mediatek mt8390
- canonical/mediatek mt8395