CVE-2024-20011: Buffer Overflow

First published: Mon Feb 05 2024(Updated: )

In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146.

Credit: security@mediatek.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/mitre-cve
• source/MITRE
• agent/description
• agent/type
• agent/author
• agent/weakness
• agent/references
• agent/severity
• agent/softwarecombine
• agent/first-publish-date
• agent/event
• agent/last-modified-date
• collector/android-source
• source/Android
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• agent/tags
• collector/epss-latest
• source/FIRST
• agent/epss
• collector/nvd-api
• source/NVD
• vendor/google
• canonical/google android
• version/google android/11.0
• version/google android/12.0
• version/google android/13.0
• vendor/mediatek
• canonical/mediatek mt6985
• canonical/mediatek mt8127
• canonical/mediatek mt8135
• canonical/mediatek mt8167
• canonical/mediatek mt8167s
• canonical/mediatek mt8168
• canonical/mediatek mt8173
• canonical/mediatek mt8175
• canonical/mediatek mt8176
• canonical/mediatek mt8183
• canonical/mediatek mt8185
• canonical/mediatek mt8188
• canonical/mediatek mt8188t
• canonical/mediatek mt8195
• canonical/mediatek mt8195z
• canonical/mediatek mt8312c
• canonical/mediatek mt8312d