CVE-2023-20796

In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.

Published: Aug 7, 2023
Updated: Aug 10, 2023
CVE: CVE-2023-20796
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.4
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
linuxfoundation / yocto	2.6	2.6.x
linuxfoundation / yocto	3.3	3.3.x
rdkcentral / rdk-b	2022q3	2022q3.x
google / android	12.0	12.0.x
google / android	13.0	13.0.x
openwrt / openwrt	19.07.0	19.07.0.x
openwrt / openwrt	21.02.0	21.02.0.x

https://corp.mediatek.com/product-security-bulletin/August-2023

Vulnerability Database

289,697

CVE-2023-20796