Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-21744 (GCVE-0-2022-21744)
Vulnerability from cvelistv5 – Published: 2022-07-06 13:05 – Updated: 2024-08-03 02:53
VLAI?
EPSS
Summary
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:35.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T13:05:13.000Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2022-21744",
"datePublished": "2022-07-06T13:05:13.000Z",
"dateReserved": "2021-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-03T02:53:35.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2022-AVI-617
Vulnerability from certfr_avis - Published: 2022-07-07 - Updated: 2022-07-07
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Android versions 10, 11, 12 et 12L sans le correctif de s\u00e9curit\u00e9 du 06 juillet 2022",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-39815",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39815"
},
{
"name": "CVE-2022-20223",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20223"
},
{
"name": "CVE-2022-20230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20230"
},
{
"name": "CVE-2022-20082",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20082"
},
{
"name": "CVE-2022-20222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20222"
},
{
"name": "CVE-2022-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22058"
},
{
"name": "CVE-2022-25659",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25659"
},
{
"name": "CVE-2022-20229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20229"
},
{
"name": "CVE-2022-20217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20217"
},
{
"name": "CVE-2022-25657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25657"
},
{
"name": "CVE-2022-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22096"
},
{
"name": "CVE-2022-20083",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20083"
},
{
"name": "CVE-2022-20225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20225"
},
{
"name": "CVE-2022-20221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20221"
},
{
"name": "CVE-2022-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21763"
},
{
"name": "CVE-2022-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20220"
},
{
"name": "CVE-2022-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21764"
},
{
"name": "CVE-2022-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21768"
},
{
"name": "CVE-2022-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20227"
},
{
"name": "CVE-2020-29374",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29374"
},
{
"name": "CVE-2022-20228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20228"
},
{
"name": "CVE-2021-0981",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0981"
},
{
"name": "CVE-2022-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21744"
},
{
"name": "CVE-2022-20216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20216"
},
{
"name": "CVE-2022-20122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20122"
},
{
"name": "CVE-2022-20236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20236"
},
{
"name": "CVE-2022-20226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20226"
},
{
"name": "CVE-2022-20224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20224"
},
{
"name": "CVE-2022-20219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20219"
},
{
"name": "CVE-2021-35133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35133"
},
{
"name": "CVE-2022-25658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25658"
},
{
"name": "CVE-2022-20238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20238"
},
{
"name": "CVE-2022-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21767"
}
],
"initial_release_date": "2022-07-07T00:00:00",
"last_revision_date": "2022-07-07T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-617",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Pixel du 06 juillet 2022",
"url": "https://source.android.com/security/bulletin/pixel/2022-07-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 06 juillet 2022",
"url": "https://source.android.com/security/bulletin/2022-07-01"
}
]
}
GSD-2022-21744
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-21744",
"description": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.",
"id": "GSD-2022-21744"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-21744"
],
"details": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.",
"id": "GSD-2022-21744",
"modified": "2023-12-13T01:19:14.346426Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT2731, MT2735, MT6297, MT6725, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6755, MT6757, MT6757P, MT6758, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6775, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6797, MT6799, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797",
"version": {
"version_data": [
{
"version_value": "Modem LR9, \nLR11, \nLR12, \nLR12A, \nLR13, \nNR15,\nNR16"
}
]
}
}
]
},
"vendor_name": "MediaTek, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mediatek:lr12:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mediatek:lr9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6757p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@mediatek.com",
"ID": "CVE-2022-21744"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-07-14T01:26Z",
"publishedDate": "2022-07-06T14:15Z"
}
}
}
CNVD-2022-66250
Vulnerability from cnvd - Published: 2022-09-29
VLAI Severity ?
Title
多款MediaTek芯片Modem 2G RR存在越界写入漏洞
Description
联发科技股份有限公司(MediaTek Inc.)是全球第四大晶圆厂半导体公司,在移动终端、智能家居应用、无线连接技术及物联网产品等市场位居领先地位,一年约有15亿台内建MediaTek芯片的终端产品在全球各地上市。
多款MediaTek芯片Modem 2G RR存在越界写入漏洞,该漏洞源于在Modem 2G RR缺少边界检查,攻击者可利用该漏洞进行远程代码执行。
Severity
高
Patch Name
多款MediaTek芯片Modem 2G RR存在越界写入漏洞的补丁
Patch Description
联发科技股份有限公司(MediaTek Inc.)是全球第四大晶圆厂半导体公司,在移动终端、智能家居应用、无线连接技术及物联网产品等市场位居领先地位,一年约有15亿台内建MediaTek芯片的终端产品在全球各地上市。
多款MediaTek芯片Modem 2G RR存在越界写入漏洞,该漏洞源于在Modem 2G RR缺少边界检查,攻击者可利用该漏洞进行远程代码执行。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://source.android.com/security/bulletin/2022-07-01
Reference
https://corp.mediatek.com/product-security-bulletin/July-2022
Impacted products
| Name | ['MediaTek MT2731 LR9', 'MediaTek MT2731 LR11', 'MediaTek MT2731 LR12', 'MediaTek MT2731 LR12A', 'MediaTek MT2731 LR13', 'MediaTek MT2731 NR15', 'MediaTek MT2731 NR16', 'MediaTek MT2735 LR9', 'MediaTek MT2735 LR11', 'MediaTek MT2735 LR12', 'MediaTek MT2735 LR12A', 'MediaTek MT2735 LR13', 'MediaTek MT2735 NR15', 'MediaTek MT2735 NR16', 'MediaTek MT6297 LR9', 'MediaTek MT6297 LR11', 'MediaTek MT6297 LR12', 'MediaTek MT6297 LR12A', 'MediaTek MT6297 LR13', 'MediaTek MT6297 NR15', 'MediaTek MT6297 NR16', 'MediaTek MT6725 LR9', 'MediaTek MT6725 LR11', 'MediaTek MT6725 LR12', 'MediaTek MT6725 LR12A', 'MediaTek MT6725 LR13', 'MediaTek MT6725 NR15', 'MediaTek MT6725 NR16', 'MediaTek MT6735 LR9', 'MediaTek MT6735 LR11', 'MediaTek MT6735 LR12', 'MediaTek MT6735 LR12A', 'MediaTek MT6735 LR13', 'MediaTek MT6735 NR15', 'MediaTek MT6735 NR16', 'MediaTek MT6737 LR9', 'MediaTek MT6737 LR11', 'MediaTek MT6737 LR12', 'MediaTek MT6737 LR12A', 'MediaTek MT6737 LR13', 'MediaTek MT6737 NR15', 'MediaTek MT6737 NR16', 'MediaTek MT6739 LR9', 'MediaTek MT6739 LR11', 'MediaTek MT6739 LR12', 'MediaTek MT6739 LR12A', 'MediaTek MT6739 LR13', 'MediaTek MT6739 NR15', 'MediaTek MT6739 NR16', 'MediaTek MT6750 LR9', 'MediaTek MT6750 LR11', 'MediaTek MT6750 LR12', 'MediaTek MT6750 LR12A', 'MediaTek MT6750 LR13', 'MediaTek MT6750 NR15', 'MediaTek MT6750 NR16', 'MediaTek MT6750S LR9', 'MediaTek MT6750S LR11', 'MediaTek MT6750S LR12', 'MediaTek MT6750S LR12A', 'MediaTek MT6750S LR13', 'MediaTek MT6750S NR15', 'MediaTek MT6750S NR16', 'MediaTek MT6755 LR9', 'MediaTek MT6755 LR11', 'MediaTek MT6755 LR12', 'MediaTek MT6755 LR12A', 'MediaTek MT6755 LR13', 'MediaTek MT6755 NR15', 'MediaTek MT6755 NR16', 'MediaTek MT6757 LR9', 'MediaTek MT6757 LR11', 'MediaTek MT6757 LR12', 'MediaTek MT6757 LR12A', 'MediaTek MT6757 LR13', 'MediaTek MT6757 NR15', 'MediaTek MT6757 NR16', 'MediaTek MT6757P LR9', 'MediaTek MT6757P LR11', 'MediaTek MT6757P LR12', 'MediaTek MT6757P LR12A', 'MediaTek MT6757P LR13', 'MediaTek MT6757P NR15', 'MediaTek MT6757P NR16', 'MediaTek MT6758 LR9', 'MediaTek MT6758 LR11', 'MediaTek MT6758 LR12', 'MediaTek MT6758 LR12A', 'MediaTek MT6758 LR13', 'MediaTek MT6758 NR15', 'MediaTek MT6758 NR16', 'MediaTek MT6761 LR9', 'MediaTek MT6761 LR11', 'MediaTek MT6761 LR12', 'MediaTek MT6761 LR12A', 'MediaTek MT6761 LR13', 'MediaTek MT6761 NR15', 'MediaTek MT6761 NR16', 'MediaTek MT6762 LR9', 'MediaTek MT6762 LR11', 'MediaTek MT6762 LR12', 'MediaTek MT6762 LR12A', 'MediaTek MT6762 LR13', 'MediaTek MT6762 NR15', 'MediaTek MT6762 NR16', 'MediaTek MT6762D LR9', 'MediaTek MT6762D LR11', 'MediaTek MT6762D LR12', 'MediaTek MT6762D LR12A', 'MediaTek MT6762D LR13', 'MediaTek MT6762D NR15', 'MediaTek MT6762D NR16', 'MediaTek MT6762M LR9', 'MediaTek MT6762M LR11', 'MediaTek MT6762M LR12', 'MediaTek MT6762M LR12A', 'MediaTek MT6762M LR13', 'MediaTek MT6762M NR15', 'MediaTek MT6762M NR16', 'MediaTek MT6763 LR9', 'MediaTek MT6763 LR11', 'MediaTek MT6763 LR12', 'MediaTek MT6763 LR12A', 'MediaTek MT6763 LR13', 'MediaTek MT6763 NR15', 'MediaTek MT6763 NR16', 'MediaTek MT6765 LR9', 'MediaTek MT6765 LR11', 'MediaTek MT6765 LR12', 'MediaTek MT6765 LR12A', 'MediaTek MT6765 LR13', 'MediaTek MT6765 NR15', 'MediaTek MT6765 NR16', 'MediaTek MT6765T LR9', 'MediaTek MT6765T LR11', 'MediaTek MT6765T LR12', 'MediaTek MT6765T LR12A', 'MediaTek MT6765T LR13', 'MediaTek MT6765T NR15', 'MediaTek MT6765T NR16', 'MediaTek MT6767 LR9', 'MediaTek MT6767 LR11', 'MediaTek MT6767 LR12', 'MediaTek MT6767 LR12A', 'MediaTek MT6767 LR13', 'MediaTek MT6767 NR15', 'MediaTek MT6767 NR16', 'MediaTek MT6768 LR9', 'MediaTek MT6768 LR11', 'MediaTek MT6768 LR12', 'MediaTek MT6768 LR12A', 'MediaTek MT6768 LR13', 'MediaTek MT6768 NR15', 'MediaTek MT6768 NR16', 'MediaTek MT6769 LR9', 'MediaTek MT6769 LR11', 'MediaTek MT6769 LR12', 'MediaTek MT6769 LR12A', 'MediaTek MT6769 LR13', 'MediaTek MT6769 NR15', 'MediaTek MT6769 NR16', 'MediaTek MT6769T LR9', 'MediaTek MT6769T LR11', 'MediaTek MT6769T LR12', 'MediaTek MT6769T LR12A', 'MediaTek MT6769T LR13', 'MediaTek MT6769T NR15', 'MediaTek MT6769T NR16', 'MediaTek MT6769Z LR9', 'MediaTek MT6769Z LR11', 'MediaTek MT6769Z LR12', 'MediaTek MT6769Z LR12A', 'MediaTek MT6769Z LR13', 'MediaTek MT6769Z NR15', 'MediaTek MT6769Z NR16', 'MediaTek MT6771 LR9', 'MediaTek MT6771 LR11', 'MediaTek MT6771 LR12', 'MediaTek MT6771 LR12A', 'MediaTek MT6771 LR13', 'MediaTek MT6771 NR15', 'MediaTek MT6771 NR16', 'MediaTek MT6775 LR9', 'MediaTek MT6775 LR11', 'MediaTek MT6775 LR12', 'MediaTek MT6775 LR12A', 'MediaTek MT6775 LR13', 'MediaTek MT6775 NR15', 'MediaTek MT6775 NR16', 'MediaTek MT6779 LR9', 'MediaTek MT6779 LR11', 'MediaTek MT6779 LR12', 'MediaTek MT6779 LR12A', 'MediaTek MT6779 LR13', 'MediaTek MT6779 NR15', 'MediaTek MT6779 NR16', 'MediaTek MT6781 LR9', 'MediaTek MT6781 LR11', 'MediaTek MT6781 LR12', 'MediaTek MT6781 LR12A', 'MediaTek MT6781 LR13', 'MediaTek MT6781 NR15', 'MediaTek MT6781 NR16', 'MediaTek MT6783 LR9', 'MediaTek MT6783 LR11', 'MediaTek MT6783 LR12', 'MediaTek MT6783 LR12A', 'MediaTek MT6783 LR13', 'MediaTek MT6783 NR15', 'MediaTek MT6783 NR16', 'MediaTek MT6785 LR9', 'MediaTek MT6785 LR11', 'MediaTek MT6785 LR12', 'MediaTek MT6785 LR12A', 'MediaTek MT6785 LR13', 'MediaTek MT6785 NR15', 'MediaTek MT6785 NR16', 'MediaTek MT6785T LR9', 'MediaTek MT6785T LR11', 'MediaTek MT6785T LR12', 'MediaTek MT6785T LR12A', 'MediaTek MT6785T LR13', 'MediaTek MT6785T NR15', 'MediaTek MT6785T NR16', 'MediaTek MT6789 LR9', 'MediaTek MT6789 LR11', 'MediaTek MT6789 LR12', 'MediaTek MT6789 LR12A', 'MediaTek MT6789 LR13', 'MediaTek MT6789 NR15', 'MediaTek MT6789 NR16', 'MediaTek MT6797 LR9', 'MediaTek MT6797 LR11', 'MediaTek MT6797 LR12', 'MediaTek MT6797 LR12A', 'MediaTek MT6797 LR13', 'MediaTek MT6797 NR15', 'MediaTek MT6797 NR16', 'MediaTek MT6799 LR9', 'MediaTek MT6799 LR11', 'MediaTek MT6799 LR12', 'MediaTek MT6799 LR12A', 'MediaTek MT6799 LR13', 'MediaTek MT6799 NR15', 'MediaTek MT6799 NR16', 'MediaTek MT6833 LR9', 'MediaTek MT6833 LR11', 'MediaTek MT6833 LR12', 'MediaTek MT6833 LR12A', 'MediaTek MT6833 LR13', 'MediaTek MT6833 NR15', 'MediaTek MT6833 NR16', 'MediaTek MT6853 LR9', 'MediaTek MT6853 LR11', 'MediaTek MT6853 LR12', 'MediaTek MT6853 LR12A', 'MediaTek MT6853 LR13', 'MediaTek MT6853 NR15', 'MediaTek MT6853 NR16', 'MediaTek MT6855 LR9', 'MediaTek MT6855 LR11', 'MediaTek MT6855 LR12', 'MediaTek MT6855 LR12A', 'MediaTek MT6855 LR13', 'MediaTek MT6855 NR15', 'MediaTek MT6855 NR16', 'MediaTek MT6873 LR9', 'MediaTek MT6873 LR11', 'MediaTek MT6873 LR12', 'MediaTek MT6873 LR12A', 'MediaTek MT6873 LR13', 'MediaTek MT6873 NR15', 'MediaTek MT6873 NR16', 'MediaTek MT6875 LR9', 'MediaTek MT6875 LR11', 'MediaTek MT6875 LR12', 'MediaTek MT6875 LR12A', 'MediaTek MT6875 LR13', 'MediaTek MT6875 NR15', 'MediaTek MT6875 NR16', 'MediaTek MT6877 LR9', 'MediaTek MT6877 LR11', 'MediaTek MT6877 LR12', 'MediaTek MT6877 LR12A', 'MediaTek MT6877 LR13', 'MediaTek MT6877 NR15', 'MediaTek MT6877 NR16', 'MediaTek MT6879 LR9', 'MediaTek MT6879 LR11', 'MediaTek MT6879 LR12', 'MediaTek MT6879 LR12A', 'MediaTek MT6879 LR13', 'MediaTek MT6879 NR15', 'MediaTek MT6879 NR16', 'MediaTek MT6880 LR9', 'MediaTek MT6880 LR11', 'MediaTek MT6880 LR12', 'MediaTek MT6880 LR12A', 'MediaTek MT6880 LR13', 'MediaTek MT6880 NR15', 'MediaTek MT6880 NR16', 'MediaTek MT6883 LR9', 'MediaTek MT6883 LR11', 'MediaTek MT6883 LR12', 'MediaTek MT6883 LR12A', 'MediaTek MT6883 LR13', 'MediaTek MT6883 NR15', 'MediaTek MT6883 NR16', 'MediaTek MT6885 LR9', 'MediaTek MT6885 LR11', 'MediaTek MT6885 LR12', 'MediaTek MT6885 LR12A', 'MediaTek MT6885 LR13', 'MediaTek MT6885 NR15', 'MediaTek MT6885 NR16', 'MediaTek MT6889 LR9', 'MediaTek MT6889 LR11', 'MediaTek MT6889 LR12', 'MediaTek MT6889 LR12A', 'MediaTek MT6889 LR13', 'MediaTek MT6889 NR15', 'MediaTek MT6889 NR16', 'MediaTek MT6890 LR9', 'MediaTek MT6890 LR11', 'MediaTek MT6890 LR12', 'MediaTek MT6890 LR12A', 'MediaTek MT6890 LR13', 'MediaTek MT6890 NR15', 'MediaTek MT6890 NR16', 'MediaTek MT6891 LR9', 'MediaTek MT6891 LR11', 'MediaTek MT6891 LR12', 'MediaTek MT6891 LR12A', 'MediaTek MT6891 LR13', 'MediaTek MT6891 NR15', 'MediaTek MT6891 NR16', 'MediaTek MT6893 LR9', 'MediaTek MT6893 LR11', 'MediaTek MT6893 LR12', 'MediaTek MT6893 LR12A', 'MediaTek MT6893 LR13', 'MediaTek MT6893 NR15', 'MediaTek MT6893 NR16', 'MediaTek MT6895 LR9', 'MediaTek MT6895 LR11', 'MediaTek MT6895 LR12', 'MediaTek MT6895 LR12A', 'MediaTek MT6895 LR13', 'MediaTek MT6895 NR15', 'MediaTek MT6895 NR16', 'MediaTek MT6983 LR9', 'MediaTek MT6983 LR11', 'MediaTek MT6983 LR12', 'MediaTek MT6983 LR12A', 'MediaTek MT6983 LR13', 'MediaTek MT6983 NR15', 'MediaTek MT6983 NR16', 'MediaTek MT8666 LR9', 'MediaTek MT8666 LR11', 'MediaTek MT8666 LR12', 'MediaTek MT8666 LR12A', 'MediaTek MT8666 LR13', 'MediaTek MT8666 NR15', 'MediaTek MT8666 NR16', 'MediaTek MT8667 LR9', 'MediaTek MT8667 LR11', 'MediaTek MT8667 LR12', 'MediaTek MT8667 LR12A', 'MediaTek MT8667 LR13', 'MediaTek MT8667 NR15', 'MediaTek MT8667 NR16', 'MediaTek MT8675 LR9', 'MediaTek MT8675 LR11', 'MediaTek MT8675 LR12', 'MediaTek MT8675 LR12A', 'MediaTek MT8675 LR13', 'MediaTek MT8675 NR15', 'MediaTek MT8675 NR16', 'MediaTek MT8735A LR9', 'MediaTek MT8735A LR11', 'MediaTek MT8735A LR12', 'MediaTek MT8735A LR12A', 'MediaTek MT8735A LR13', 'MediaTek MT8735A NR15', 'MediaTek MT8735A NR16', 'MediaTek MT8735B LR9', 'MediaTek MT8735B LR11', 'MediaTek MT8735B LR12', 'MediaTek MT8735B LR12A', 'MediaTek MT8735B LR13', 'MediaTek MT8735B NR15', 'MediaTek MT8735B NR16', 'MediaTek MT8765 LR9', 'MediaTek MT8765 LR11', 'MediaTek MT8765 LR12', 'MediaTek MT8765 LR12A', 'MediaTek MT8765 LR13', 'MediaTek MT8765 NR15', 'MediaTek MT8765 NR16', 'MediaTek MT8766 LR9', 'MediaTek MT8766 LR11', 'MediaTek MT8766 LR12', 'MediaTek MT8766 LR12A', 'MediaTek MT8766 LR13', 'MediaTek MT8766 NR15', 'MediaTek MT8766 NR16', 'MediaTek MT8768 LR9', 'MediaTek MT8768 LR11', 'MediaTek MT8768 LR12', 'MediaTek MT8768 LR12A', 'MediaTek MT8768 LR13', 'MediaTek MT8768 NR15', 'MediaTek MT8768 NR16', 'MediaTek MT8771 LR9', 'MediaTek MT8771 LR11', 'MediaTek MT8771 LR12', 'MediaTek MT8771 LR12A', 'MediaTek MT8771 LR13', 'MediaTek MT8771 NR15', 'MediaTek MT8771 NR16', 'MediaTek MT8781 LR9', 'MediaTek MT8781 LR11', 'MediaTek MT8781 LR12', 'MediaTek MT8781 LR12A', 'MediaTek MT8781 LR13', 'MediaTek MT8781 NR15', 'MediaTek MT8781 NR16', 'MediaTek MT8786 LR9', 'MediaTek MT8786 LR11', 'MediaTek MT8786 LR12', 'MediaTek MT8786 LR12A', 'MediaTek MT8786 LR13', 'MediaTek MT8786 NR15', 'MediaTek MT8786 NR16', 'MediaTek MT8788 LR9', 'MediaTek MT8788 LR11', 'MediaTek MT8788 LR12', 'MediaTek MT8788 LR12A', 'MediaTek MT8788 LR13', 'MediaTek MT8788 NR15', 'MediaTek MT8788 NR16', 'MediaTek MT8789 LR9', 'MediaTek MT8789 LR11', 'MediaTek MT8789 LR12', 'MediaTek MT8789 LR12A', 'MediaTek MT8789 LR13', 'MediaTek MT8789 NR15', 'MediaTek MT8789 NR16', 'MediaTek MT8791 LR9', 'MediaTek MT8791 LR11', 'MediaTek MT8791 LR12', 'MediaTek MT8791 LR12A', 'MediaTek MT8791 LR13', 'MediaTek MT8791 NR15', 'MediaTek MT8791 NR16', 'MediaTek MT8797 LR9', 'MediaTek MT8797 LR11', 'MediaTek MT8797 LR12', 'MediaTek MT8797 LR12A', 'MediaTek MT8797 LR13', 'MediaTek MT8797 NR15', 'MediaTek MT8797 NR16'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2022-21744",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-21744"
}
},
"description": "\u8054\u53d1\u79d1\u6280\u80a1\u4efd\u6709\u9650\u516c\u53f8\uff08MediaTek Inc.\uff09\u662f\u5168\u7403\u7b2c\u56db\u5927\u6676\u5706\u5382\u534a\u5bfc\u4f53\u516c\u53f8\uff0c\u5728\u79fb\u52a8\u7ec8\u7aef\u3001\u667a\u80fd\u5bb6\u5c45\u5e94\u7528\u3001\u65e0\u7ebf\u8fde\u63a5\u6280\u672f\u53ca\u7269\u8054\u7f51\u4ea7\u54c1\u7b49\u5e02\u573a\u4f4d\u5c45\u9886\u5148\u5730\u4f4d\uff0c\u4e00\u5e74\u7ea6\u670915\u4ebf\u53f0\u5185\u5efaMediaTek\u82af\u7247\u7684\u7ec8\u7aef\u4ea7\u54c1\u5728\u5168\u7403\u5404\u5730\u4e0a\u5e02\u3002\n\n\u591a\u6b3eMediaTek\u82af\u7247Modem 2G RR\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728Modem 2G RR\u7f3a\u5c11\u8fb9\u754c\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884c\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://source.android.com/security/bulletin/2022-07-01",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-66250",
"openTime": "2022-09-29",
"patchDescription": "\u8054\u53d1\u79d1\u6280\u80a1\u4efd\u6709\u9650\u516c\u53f8\uff08MediaTek Inc.\uff09\u662f\u5168\u7403\u7b2c\u56db\u5927\u6676\u5706\u5382\u534a\u5bfc\u4f53\u516c\u53f8\uff0c\u5728\u79fb\u52a8\u7ec8\u7aef\u3001\u667a\u80fd\u5bb6\u5c45\u5e94\u7528\u3001\u65e0\u7ebf\u8fde\u63a5\u6280\u672f\u53ca\u7269\u8054\u7f51\u4ea7\u54c1\u7b49\u5e02\u573a\u4f4d\u5c45\u9886\u5148\u5730\u4f4d\uff0c\u4e00\u5e74\u7ea6\u670915\u4ebf\u53f0\u5185\u5efaMediaTek\u82af\u7247\u7684\u7ec8\u7aef\u4ea7\u54c1\u5728\u5168\u7403\u5404\u5730\u4e0a\u5e02\u3002\r\n\r\n\u591a\u6b3eMediaTek\u82af\u7247Modem 2G RR\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728Modem 2G RR\u7f3a\u5c11\u8fb9\u754c\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884c\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eMediaTek\u82af\u7247Modem 2G RR\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"MediaTek MT2731 LR9",
"MediaTek MT2731 LR11",
"MediaTek MT2731 LR12",
"MediaTek MT2731 LR12A",
"MediaTek MT2731 LR13",
"MediaTek MT2731 NR15",
"MediaTek MT2731 NR16",
"MediaTek MT2735 LR9",
"MediaTek MT2735 LR11",
"MediaTek MT2735 LR12",
"MediaTek MT2735 LR12A",
"MediaTek MT2735 LR13",
"MediaTek MT2735 NR15",
"MediaTek MT2735 NR16",
"MediaTek MT6297 LR9",
"MediaTek MT6297 LR11",
"MediaTek MT6297 LR12",
"MediaTek MT6297 LR12A",
"MediaTek MT6297 LR13",
"MediaTek MT6297 NR15",
"MediaTek MT6297 NR16",
"MediaTek MT6725 LR9",
"MediaTek MT6725 LR11",
"MediaTek MT6725 LR12",
"MediaTek MT6725 LR12A",
"MediaTek MT6725 LR13",
"MediaTek MT6725 NR15",
"MediaTek MT6725 NR16",
"MediaTek MT6735 LR9",
"MediaTek MT6735 LR11",
"MediaTek MT6735 LR12",
"MediaTek MT6735 LR12A",
"MediaTek MT6735 LR13",
"MediaTek MT6735 NR15",
"MediaTek MT6735 NR16",
"MediaTek MT6737 LR9",
"MediaTek MT6737 LR11",
"MediaTek MT6737 LR12",
"MediaTek MT6737 LR12A",
"MediaTek MT6737 LR13",
"MediaTek MT6737 NR15",
"MediaTek MT6737 NR16",
"MediaTek MT6739 LR9",
"MediaTek MT6739 LR11",
"MediaTek MT6739 LR12",
"MediaTek MT6739 LR12A",
"MediaTek MT6739 LR13",
"MediaTek MT6739 NR15",
"MediaTek MT6739 NR16",
"MediaTek MT6750 LR9",
"MediaTek MT6750 LR11",
"MediaTek MT6750 LR12",
"MediaTek MT6750 LR12A",
"MediaTek MT6750 LR13",
"MediaTek MT6750 NR15",
"MediaTek MT6750 NR16",
"MediaTek MT6750S LR9",
"MediaTek MT6750S LR11",
"MediaTek MT6750S LR12",
"MediaTek MT6750S LR12A",
"MediaTek MT6750S LR13",
"MediaTek MT6750S NR15",
"MediaTek MT6750S NR16",
"MediaTek MT6755 LR9",
"MediaTek MT6755 LR11",
"MediaTek MT6755 LR12",
"MediaTek MT6755 LR12A",
"MediaTek MT6755 LR13",
"MediaTek MT6755 NR15",
"MediaTek MT6755 NR16",
"MediaTek MT6757 LR9",
"MediaTek MT6757 LR11",
"MediaTek MT6757 LR12",
"MediaTek MT6757 LR12A",
"MediaTek MT6757 LR13",
"MediaTek MT6757 NR15",
"MediaTek MT6757 NR16",
"MediaTek MT6757P LR9",
"MediaTek MT6757P LR11",
"MediaTek MT6757P LR12",
"MediaTek MT6757P LR12A",
"MediaTek MT6757P LR13",
"MediaTek MT6757P NR15",
"MediaTek MT6757P NR16",
"MediaTek MT6758 LR9",
"MediaTek MT6758 LR11",
"MediaTek MT6758 LR12",
"MediaTek MT6758 LR12A",
"MediaTek MT6758 LR13",
"MediaTek MT6758 NR15",
"MediaTek MT6758 NR16",
"MediaTek MT6761 LR9",
"MediaTek MT6761 LR11",
"MediaTek MT6761 LR12",
"MediaTek MT6761 LR12A",
"MediaTek MT6761 LR13",
"MediaTek MT6761 NR15",
"MediaTek MT6761 NR16",
"MediaTek MT6762 LR9",
"MediaTek MT6762 LR11",
"MediaTek MT6762 LR12",
"MediaTek MT6762 LR12A",
"MediaTek MT6762 LR13",
"MediaTek MT6762 NR15",
"MediaTek MT6762 NR16",
"MediaTek MT6762D LR9",
"MediaTek MT6762D LR11",
"MediaTek MT6762D LR12",
"MediaTek MT6762D LR12A",
"MediaTek MT6762D LR13",
"MediaTek MT6762D NR15",
"MediaTek MT6762D NR16",
"MediaTek MT6762M LR9",
"MediaTek MT6762M LR11",
"MediaTek MT6762M LR12",
"MediaTek MT6762M LR12A",
"MediaTek MT6762M LR13",
"MediaTek MT6762M NR15",
"MediaTek MT6762M NR16",
"MediaTek MT6763 LR9",
"MediaTek MT6763 LR11",
"MediaTek MT6763 LR12",
"MediaTek MT6763 LR12A",
"MediaTek MT6763 LR13",
"MediaTek MT6763 NR15",
"MediaTek MT6763 NR16",
"MediaTek MT6765 LR9",
"MediaTek MT6765 LR11",
"MediaTek MT6765 LR12",
"MediaTek MT6765 LR12A",
"MediaTek MT6765 LR13",
"MediaTek MT6765 NR15",
"MediaTek MT6765 NR16",
"MediaTek MT6765T LR9",
"MediaTek MT6765T LR11",
"MediaTek MT6765T LR12",
"MediaTek MT6765T LR12A",
"MediaTek MT6765T LR13",
"MediaTek MT6765T NR15",
"MediaTek MT6765T NR16",
"MediaTek MT6767 LR9",
"MediaTek MT6767 LR11",
"MediaTek MT6767 LR12",
"MediaTek MT6767 LR12A",
"MediaTek MT6767 LR13",
"MediaTek MT6767 NR15",
"MediaTek MT6767 NR16",
"MediaTek MT6768 LR9",
"MediaTek MT6768 LR11",
"MediaTek MT6768 LR12",
"MediaTek MT6768 LR12A",
"MediaTek MT6768 LR13",
"MediaTek MT6768 NR15",
"MediaTek MT6768 NR16",
"MediaTek MT6769 LR9",
"MediaTek MT6769 LR11",
"MediaTek MT6769 LR12",
"MediaTek MT6769 LR12A",
"MediaTek MT6769 LR13",
"MediaTek MT6769 NR15",
"MediaTek MT6769 NR16",
"MediaTek MT6769T LR9",
"MediaTek MT6769T LR11",
"MediaTek MT6769T LR12",
"MediaTek MT6769T LR12A",
"MediaTek MT6769T LR13",
"MediaTek MT6769T NR15",
"MediaTek MT6769T NR16",
"MediaTek MT6769Z LR9",
"MediaTek MT6769Z LR11",
"MediaTek MT6769Z LR12",
"MediaTek MT6769Z LR12A",
"MediaTek MT6769Z LR13",
"MediaTek MT6769Z NR15",
"MediaTek MT6769Z NR16",
"MediaTek MT6771 LR9",
"MediaTek MT6771 LR11",
"MediaTek MT6771 LR12",
"MediaTek MT6771 LR12A",
"MediaTek MT6771 LR13",
"MediaTek MT6771 NR15",
"MediaTek MT6771 NR16",
"MediaTek MT6775 LR9",
"MediaTek MT6775 LR11",
"MediaTek MT6775 LR12",
"MediaTek MT6775 LR12A",
"MediaTek MT6775 LR13",
"MediaTek MT6775 NR15",
"MediaTek MT6775 NR16",
"MediaTek MT6779 LR9",
"MediaTek MT6779 LR11",
"MediaTek MT6779 LR12",
"MediaTek MT6779 LR12A",
"MediaTek MT6779 LR13",
"MediaTek MT6779 NR15",
"MediaTek MT6779 NR16",
"MediaTek MT6781 LR9",
"MediaTek MT6781 LR11",
"MediaTek MT6781 LR12",
"MediaTek MT6781 LR12A",
"MediaTek MT6781 LR13",
"MediaTek MT6781 NR15",
"MediaTek MT6781 NR16",
"MediaTek MT6783 LR9",
"MediaTek MT6783 LR11",
"MediaTek MT6783 LR12",
"MediaTek MT6783 LR12A",
"MediaTek MT6783 LR13",
"MediaTek MT6783 NR15",
"MediaTek MT6783 NR16",
"MediaTek MT6785 LR9",
"MediaTek MT6785 LR11",
"MediaTek MT6785 LR12",
"MediaTek MT6785 LR12A",
"MediaTek MT6785 LR13",
"MediaTek MT6785 NR15",
"MediaTek MT6785 NR16",
"MediaTek MT6785T LR9",
"MediaTek MT6785T LR11",
"MediaTek MT6785T LR12",
"MediaTek MT6785T LR12A",
"MediaTek MT6785T LR13",
"MediaTek MT6785T NR15",
"MediaTek MT6785T NR16",
"MediaTek MT6789 LR9",
"MediaTek MT6789 LR11",
"MediaTek MT6789 LR12",
"MediaTek MT6789 LR12A",
"MediaTek MT6789 LR13",
"MediaTek MT6789 NR15",
"MediaTek MT6789 NR16",
"MediaTek MT6797 LR9",
"MediaTek MT6797 LR11",
"MediaTek MT6797 LR12",
"MediaTek MT6797 LR12A",
"MediaTek MT6797 LR13",
"MediaTek MT6797 NR15",
"MediaTek MT6797 NR16",
"MediaTek MT6799 LR9",
"MediaTek MT6799 LR11",
"MediaTek MT6799 LR12",
"MediaTek MT6799 LR12A",
"MediaTek MT6799 LR13",
"MediaTek MT6799 NR15",
"MediaTek MT6799 NR16",
"MediaTek MT6833 LR9",
"MediaTek MT6833 LR11",
"MediaTek MT6833 LR12",
"MediaTek MT6833 LR12A",
"MediaTek MT6833 LR13",
"MediaTek MT6833 NR15",
"MediaTek MT6833 NR16",
"MediaTek MT6853 LR9",
"MediaTek MT6853 LR11",
"MediaTek MT6853 LR12",
"MediaTek MT6853 LR12A",
"MediaTek MT6853 LR13",
"MediaTek MT6853 NR15",
"MediaTek MT6853 NR16",
"MediaTek MT6855 LR9",
"MediaTek MT6855 LR11",
"MediaTek MT6855 LR12",
"MediaTek MT6855 LR12A",
"MediaTek MT6855 LR13",
"MediaTek MT6855 NR15",
"MediaTek MT6855 NR16",
"MediaTek MT6873 LR9",
"MediaTek MT6873 LR11",
"MediaTek MT6873 LR12",
"MediaTek MT6873 LR12A",
"MediaTek MT6873 LR13",
"MediaTek MT6873 NR15",
"MediaTek MT6873 NR16",
"MediaTek MT6875 LR9",
"MediaTek MT6875 LR11",
"MediaTek MT6875 LR12",
"MediaTek MT6875 LR12A",
"MediaTek MT6875 LR13",
"MediaTek MT6875 NR15",
"MediaTek MT6875 NR16",
"MediaTek MT6877 LR9",
"MediaTek MT6877 LR11",
"MediaTek MT6877 LR12",
"MediaTek MT6877 LR12A",
"MediaTek MT6877 LR13",
"MediaTek MT6877 NR15",
"MediaTek MT6877 NR16",
"MediaTek MT6879 LR9",
"MediaTek MT6879 LR11",
"MediaTek MT6879 LR12",
"MediaTek MT6879 LR12A",
"MediaTek MT6879 LR13",
"MediaTek MT6879 NR15",
"MediaTek MT6879 NR16",
"MediaTek MT6880 LR9",
"MediaTek MT6880 LR11",
"MediaTek MT6880 LR12",
"MediaTek MT6880 LR12A",
"MediaTek MT6880 LR13",
"MediaTek MT6880 NR15",
"MediaTek MT6880 NR16",
"MediaTek MT6883 LR9",
"MediaTek MT6883 LR11",
"MediaTek MT6883 LR12",
"MediaTek MT6883 LR12A",
"MediaTek MT6883 LR13",
"MediaTek MT6883 NR15",
"MediaTek MT6883 NR16",
"MediaTek MT6885 LR9",
"MediaTek MT6885 LR11",
"MediaTek MT6885 LR12",
"MediaTek MT6885 LR12A",
"MediaTek MT6885 LR13",
"MediaTek MT6885 NR15",
"MediaTek MT6885 NR16",
"MediaTek MT6889 LR9",
"MediaTek MT6889 LR11",
"MediaTek MT6889 LR12",
"MediaTek MT6889 LR12A",
"MediaTek MT6889 LR13",
"MediaTek MT6889 NR15",
"MediaTek MT6889 NR16",
"MediaTek MT6890 LR9",
"MediaTek MT6890 LR11",
"MediaTek MT6890 LR12",
"MediaTek MT6890 LR12A",
"MediaTek MT6890 LR13",
"MediaTek MT6890 NR15",
"MediaTek MT6890 NR16",
"MediaTek MT6891 LR9",
"MediaTek MT6891 LR11",
"MediaTek MT6891 LR12",
"MediaTek MT6891 LR12A",
"MediaTek MT6891 LR13",
"MediaTek MT6891 NR15",
"MediaTek MT6891 NR16",
"MediaTek MT6893 LR9",
"MediaTek MT6893 LR11",
"MediaTek MT6893 LR12",
"MediaTek MT6893 LR12A",
"MediaTek MT6893 LR13",
"MediaTek MT6893 NR15",
"MediaTek MT6893 NR16",
"MediaTek MT6895 LR9",
"MediaTek MT6895 LR11",
"MediaTek MT6895 LR12",
"MediaTek MT6895 LR12A",
"MediaTek MT6895 LR13",
"MediaTek MT6895 NR15",
"MediaTek MT6895 NR16",
"MediaTek MT6983 LR9",
"MediaTek MT6983 LR11",
"MediaTek MT6983 LR12",
"MediaTek MT6983 LR12A",
"MediaTek MT6983 LR13",
"MediaTek MT6983 NR15",
"MediaTek MT6983 NR16",
"MediaTek MT8666 LR9",
"MediaTek MT8666 LR11",
"MediaTek MT8666 LR12",
"MediaTek MT8666 LR12A",
"MediaTek MT8666 LR13",
"MediaTek MT8666 NR15",
"MediaTek MT8666 NR16",
"MediaTek MT8667 LR9",
"MediaTek MT8667 LR11",
"MediaTek MT8667 LR12",
"MediaTek MT8667 LR12A",
"MediaTek MT8667 LR13",
"MediaTek MT8667 NR15",
"MediaTek MT8667 NR16",
"MediaTek MT8675 LR9",
"MediaTek MT8675 LR11",
"MediaTek MT8675 LR12",
"MediaTek MT8675 LR12A",
"MediaTek MT8675 LR13",
"MediaTek MT8675 NR15",
"MediaTek MT8675 NR16",
"MediaTek MT8735A LR9",
"MediaTek MT8735A LR11",
"MediaTek MT8735A LR12",
"MediaTek MT8735A LR12A",
"MediaTek MT8735A LR13",
"MediaTek MT8735A NR15",
"MediaTek MT8735A NR16",
"MediaTek MT8735B LR9",
"MediaTek MT8735B LR11",
"MediaTek MT8735B LR12",
"MediaTek MT8735B LR12A",
"MediaTek MT8735B LR13",
"MediaTek MT8735B NR15",
"MediaTek MT8735B NR16",
"MediaTek MT8765 LR9",
"MediaTek MT8765 LR11",
"MediaTek MT8765 LR12",
"MediaTek MT8765 LR12A",
"MediaTek MT8765 LR13",
"MediaTek MT8765 NR15",
"MediaTek MT8765 NR16",
"MediaTek MT8766 LR9",
"MediaTek MT8766 LR11",
"MediaTek MT8766 LR12",
"MediaTek MT8766 LR12A",
"MediaTek MT8766 LR13",
"MediaTek MT8766 NR15",
"MediaTek MT8766 NR16",
"MediaTek MT8768 LR9",
"MediaTek MT8768 LR11",
"MediaTek MT8768 LR12",
"MediaTek MT8768 LR12A",
"MediaTek MT8768 LR13",
"MediaTek MT8768 NR15",
"MediaTek MT8768 NR16",
"MediaTek MT8771 LR9",
"MediaTek MT8771 LR11",
"MediaTek MT8771 LR12",
"MediaTek MT8771 LR12A",
"MediaTek MT8771 LR13",
"MediaTek MT8771 NR15",
"MediaTek MT8771 NR16",
"MediaTek MT8781 LR9",
"MediaTek MT8781 LR11",
"MediaTek MT8781 LR12",
"MediaTek MT8781 LR12A",
"MediaTek MT8781 LR13",
"MediaTek MT8781 NR15",
"MediaTek MT8781 NR16",
"MediaTek MT8786 LR9",
"MediaTek MT8786 LR11",
"MediaTek MT8786 LR12",
"MediaTek MT8786 LR12A",
"MediaTek MT8786 LR13",
"MediaTek MT8786 NR15",
"MediaTek MT8786 NR16",
"MediaTek MT8788 LR9",
"MediaTek MT8788 LR11",
"MediaTek MT8788 LR12",
"MediaTek MT8788 LR12A",
"MediaTek MT8788 LR13",
"MediaTek MT8788 NR15",
"MediaTek MT8788 NR16",
"MediaTek MT8789 LR9",
"MediaTek MT8789 LR11",
"MediaTek MT8789 LR12",
"MediaTek MT8789 LR12A",
"MediaTek MT8789 LR13",
"MediaTek MT8789 NR15",
"MediaTek MT8789 NR16",
"MediaTek MT8791 LR9",
"MediaTek MT8791 LR11",
"MediaTek MT8791 LR12",
"MediaTek MT8791 LR12A",
"MediaTek MT8791 LR13",
"MediaTek MT8791 NR15",
"MediaTek MT8791 NR16",
"MediaTek MT8797 LR9",
"MediaTek MT8797 LR11",
"MediaTek MT8797 LR12",
"MediaTek MT8797 LR12A",
"MediaTek MT8797 LR13",
"MediaTek MT8797 NR15",
"MediaTek MT8797 NR16"
]
},
"referenceLink": "https://corp.mediatek.com/product-security-bulletin/July-2022",
"serverity": "\u9ad8",
"submitTime": "2022-07-08",
"title": "\u591a\u6b3eMediaTek\u82af\u7247Modem 2G RR\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e"
}
GHSA-X3Q2-Q8JJ-F7GJ
Vulnerability from github – Published: 2022-07-07 00:00 – Updated: 2022-07-15 00:00
VLAI?
Details
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2022-21744"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-06T14:15:00Z",
"severity": "CRITICAL"
},
"details": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.",
"id": "GHSA-x3q2-q8jj-f7gj",
"modified": "2022-07-15T00:00:25Z",
"published": "2022-07-07T00:00:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21744"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2022-21744
Vulnerability from fkie_nvd - Published: 2022-07-06 14:15 - Updated: 2024-11-21 06:45
Severity ?
Summary
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFEBC79B-E936-4499-8B2D-C6619C51B755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:lr12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32EA5EB6-EBC1-4660-9E03-616CDB25C417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12318A0A-16CD-48A5-98A4-373070734642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:lr9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387D7FC2-2146-4565-9B9B-D84EF686DBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30A2D2E-6A72-4070-A471-EEE75F7D07F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B763B71-F913-45B4-B91E-D7F0670C4315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6528FA05-C8B7-498B-93BE-0BEFED28C1FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B87E31-AC92-445B-94B8-33DBF72EC11C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEE78CC-80F8-4C4F-92BA-378AAA85F087",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C9D91-A64F-446E-BC14-7C79B770C3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BE9434-12D6-4801-8B04-7F18AF58E717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "424A75C9-2A15-4B00-B0B7-703A4840CC1D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15C285A-0A26-46F7-9D72-CCADC47D93B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0002C537-4268-43CA-B349-BC14F1F0313C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80B083-D5A3-418C-9655-C79C9DECB4C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3367BA13-9C4D-4CCF-8E71-397F33CFF773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1BE913-70AE-49FE-99E9-E996165DF79D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C387CFFD-BAE4-4626-8AC3-7C9CFB6819FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7CC141-E2D6-4F28-B6F0-167E11869CD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CAAE1-2BC9-49CA-AC68-2217A4258BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7A805-EFED-47B3-884C-158FF1EECAEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB519B-9BA4-4D4A-8ED1-CE79E56E70E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D09F23D-D023-4A60-B426-61251FDD8A5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626."
},
{
"lang": "es",
"value": "En Modem 2G RR, es posible sea producida una escritura fuera de l\u00edmites debido a una falta de comprobaci\u00f3n de l\u00edmites. Esto podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo remota cuando son descodificados datos de celdas vecinas de paquetes GPRS (PNCD) de tama\u00f1o inapropiado sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del parche: MOLY00810064; ID de Incidencia: ALPS06641626"
}
],
"id": "CVE-2022-21744",
"lastModified": "2024-11-21T06:45:21.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-06T14:15:17.027",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2022"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…