6.7

CVE-2022-32630

In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405966; Issue ID: ALPS07405966.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version12.0
   MediatekMt6789 Version-
   MediatekMt6855 Version-
   MediatekMt6895 Version-
   MediatekMt6983 Version-
   MediatekMt8781 Version-
GoogleAndroid Version13.0
   MediatekMt6789 Version-
   MediatekMt6855 Version-
   MediatekMt6895 Version-
   MediatekMt6983 Version-
   MediatekMt8781 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.03
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-131 Incorrect Calculation of Buffer Size

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.