CVE-2024-20016: Integer Overflow
First published: Mon Feb 05 2024(Updated: )
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901.
Credit: security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Android | =11.0 | |
| Android | =12.0 | |
| Android | =13.0 | |
| Android | =14.0 | |
| Any of | ||
| MediaTek MT6735 | ||
| MediaTek MT6737 | ||
| MediaTek MT6739 | ||
| MediaTek MT6753 | ||
| MediaTek MT6757 | ||
| MediaTek MT6761 | ||
| MediaTek MT6763 | ||
| MediaTek MT6765 | ||
| MediaTek MT6768 | ||
| MediaTek MT6771 | ||
| MediaTek MT6779 | ||
| MediaTek MT6781 | ||
| MediaTek MT6785T | ||
| MediaTek MT6833 | ||
| MediaTek MT6853 | ||
| MediaTek MT6855 | ||
| MediaTek MT6873 | ||
| MediaTek MT6877 | ||
| MediaTek MT6879 | ||
| MediaTek MT6885 | ||
| MediaTek MT6889 | ||
| MediaTek MT6893 | ||
| MediaTek MT6895 | ||
| MediaTek MT6983 | ||
| MediaTek MT8168 | ||
| MediaTek MT8183 | ||
| MediaTek MT8188 | ||
| MediaTek MT8195Z | ||
| MediaTek MT8765 | ||
| MediaTek MT8766Z | ||
| MediaTek MT8768 | ||
| MediaTek MT8791 WiFi | ||
| MediaTek MT8797 WiFi | ||
| MediaTek MT8798 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-20016?
CVE-2024-20016 has a medium severity due to its potential to cause local denial of service.
How do I fix CVE-2024-20016?
To fix CVE-2024-20016, apply the patch identified as ALPS07835901.
Who is affected by CVE-2024-20016?
CVE-2024-20016 affects Google Android versions 11.0, 12.0, 13.0, and 14.0.
Can CVE-2024-20016 be exploited remotely?
No, CVE-2024-20016 requires local access for exploitation.
Is user interaction needed for CVE-2024-20016 exploitation?
No, user interaction is not required for the exploitation of CVE-2024-20016.
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/severity
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/11.0
- version/android/12.0
- version/android/13.0
- version/android/14.0
- vendor/mediatek
- canonical/mediatek mt6735
- canonical/mediatek mt6737
- canonical/mediatek mt6739
- canonical/mediatek mt6753
- canonical/mediatek mt6757
- canonical/mediatek mt6761
- canonical/mediatek mt6763
- canonical/mediatek mt6765
- canonical/mediatek mt6768
- canonical/mediatek mt6771
- canonical/mediatek mt6779
- canonical/mediatek mt6781
- canonical/mediatek mt6785t
- canonical/mediatek mt6833
- canonical/mediatek mt6853
- canonical/mediatek mt6855
- canonical/mediatek mt6873
- canonical/mediatek mt6877
- canonical/mediatek mt6879
- canonical/mediatek mt6885
- canonical/mediatek mt6889
- canonical/mediatek mt6893
- canonical/mediatek mt6895
- canonical/mediatek mt6983
- canonical/mediatek mt8168
- canonical/mediatek mt8183
- canonical/mediatek mt8188
- canonical/mediatek mt8195z
- canonical/mediatek mt8765
- canonical/mediatek mt8766z
- canonical/mediatek mt8768
- canonical/mediatek mt8791 wifi
- canonical/mediatek mt8797 wifi
- canonical/mediatek mt8798