5.5

CVE-2022-20046

In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version8.1
   MediatekMt8167 Version-
   MediatekMt8175 Version-
   MediatekMt8183 Version-
   MediatekMt8362a Version-
   MediatekMt8365 Version-
   MediatekMt8385 Version-
GoogleAndroid Version9.0
   MediatekMt8167 Version-
   MediatekMt8175 Version-
   MediatekMt8183 Version-
   MediatekMt8362a Version-
   MediatekMt8365 Version-
   MediatekMt8385 Version-
GoogleAndroid Version10.0
   MediatekMt8167 Version-
   MediatekMt8175 Version-
   MediatekMt8183 Version-
   MediatekMt8362a Version-
   MediatekMt8365 Version-
   MediatekMt8385 Version-
GoogleAndroid Version11.0
   MediatekMt8167 Version-
   MediatekMt8175 Version-
   MediatekMt8183 Version-
   MediatekMt8362a Version-
   MediatekMt8365 Version-
   MediatekMt8385 Version-
GoogleAndroid Version12.0
   MediatekMt8167 Version-
   MediatekMt8175 Version-
   MediatekMt8183 Version-
   MediatekMt8362a Version-
   MediatekMt8365 Version-
   MediatekMt8385 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.022
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.