CVE-2022-20068

Summary

In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907.

Affected Software

VendorProductVersion RangeStatus
MediaTek, Inc.MT6731, MT6732, MT6735, MT6737, MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6799, MT6833, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797Android 10.0, 11.0, 12.0affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References