In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://corp.mediatek.com/product-security-bulletin/December-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
22 Apr 2025, 13:49
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-125 | |
| References | () https://corp.mediatek.com/product-security-bulletin/December-2024 - Vendor Advisory | |
| First Time |
Mediatek mt6985
Mediatek mt3605 Mediatek mt8370 Mediatek mt8390 Google android Mediatek mt7927 Mediatek mt6990 Mediatek software Development Kit Mediatek mt8195 Mediatek mt6989 Mediatek mt7925 Mediatek |
|
| CPE | cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt3605:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:* |
02 Dec 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-12-02 04:15
Updated : 2025-04-22 13:49
NVD link : CVE-2024-20138
Mitre link : CVE-2024-20138
JSON object : View
Products Affected
mediatek
- mt6985
- mt7927
- mt6989
- mt8370
- software_development_kit
- mt8195
- mt8390
- mt7925
- mt3605
- mt6990
- android
CWE
CWE-125
Out-of-bounds Read