CVE-2022-20040

Summary

In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150.

Affected Software

VendorProductVersion RangeStatus
MediaTek, Inc.MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797Android 11.0, 12.0affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References