CVE-2024-20019: Infoleak
First published: Mon Mar 04 2024(Updated: )
In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173.
Credit: security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Mediatek Software Package | <=2023.11.10 | |
| Any of | ||
| Mediatek Mt7925 | ||
| MediaTek MT7927 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-20019?
CVE-2024-20019 is classified as a moderate severity vulnerability due to a potential memory leak that can lead to remote denial of service.
How do I fix CVE-2024-20019?
To resolve CVE-2024-20019, it is recommended to apply the corresponding patch identified by WCNCR00351241.
Who is affected by CVE-2024-20019?
CVE-2024-20019 affects specific versions of the Mediatek Software Package prior to 2023.11.10.
Can CVE-2024-20019 be exploited without user interaction?
Yes, CVE-2024-20019 can be exploited remotely without requiring user interaction.
What does CVE-2024-20019 impact in the wlan driver?
CVE-2024-20019 impacts memory handling in the wlan driver, leading to possible remote denial of service.
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- vendor/mediatek
- canonical/mediatek software package
- version/mediatek software package/2023.11.10
- canonical/mediatek mt7925
- canonical/mediatek mt7927