6.7

CVE-2023-32829

In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.

Data is provided by the National Vulnerability Database (NVD)
LinuxfoundationYocto Version3.1
   MediatekMt6879 Version-
   MediatekMt6886 Version-
   MediatekMt6891 Version-
   MediatekMt6895 Version-
   MediatekMt6896 Version-
   MediatekMt6983 Version-
   MediatekMt6985 Version-
   MediatekMt8137 Version-
   MediatekMt8139 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8195z Version-
   MediatekMt8390 Version-
   MediatekMt8395 Version-
LinuxfoundationYocto Version3.3
   MediatekMt6879 Version-
   MediatekMt6886 Version-
   MediatekMt6891 Version-
   MediatekMt6895 Version-
   MediatekMt6896 Version-
   MediatekMt6983 Version-
   MediatekMt6985 Version-
   MediatekMt8137 Version-
   MediatekMt8139 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8195z Version-
   MediatekMt8390 Version-
   MediatekMt8395 Version-
LinuxfoundationYocto Version4.0
   MediatekMt6879 Version-
   MediatekMt6886 Version-
   MediatekMt6891 Version-
   MediatekMt6895 Version-
   MediatekMt6896 Version-
   MediatekMt6983 Version-
   MediatekMt6985 Version-
   MediatekMt8137 Version-
   MediatekMt8139 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8195z Version-
   MediatekMt8390 Version-
   MediatekMt8395 Version-
MediatekIot Yocto Version23.0
   MediatekMt6879 Version-
   MediatekMt6886 Version-
   MediatekMt6891 Version-
   MediatekMt6895 Version-
   MediatekMt6896 Version-
   MediatekMt6983 Version-
   MediatekMt6985 Version-
   MediatekMt8137 Version-
   MediatekMt8139 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8195z Version-
   MediatekMt8390 Version-
   MediatekMt8395 Version-
GoogleAndroid Version12.0
   MediatekMt6879 Version-
   MediatekMt6886 Version-
   MediatekMt6891 Version-
   MediatekMt6895 Version-
   MediatekMt6896 Version-
   MediatekMt6983 Version-
   MediatekMt6985 Version-
   MediatekMt8137 Version-
   MediatekMt8139 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8195z Version-
   MediatekMt8390 Version-
   MediatekMt8395 Version-
GoogleAndroid Version13.0
   MediatekMt6879 Version-
   MediatekMt6886 Version-
   MediatekMt6891 Version-
   MediatekMt6895 Version-
   MediatekMt6896 Version-
   MediatekMt6983 Version-
   MediatekMt6985 Version-
   MediatekMt8137 Version-
   MediatekMt8139 Version-
   MediatekMt8188 Version-
   MediatekMt8195 Version-
   MediatekMt8195z Version-
   MediatekMt8390 Version-
   MediatekMt8395 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.047
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.