CVE-2022-20107

Summary

In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673.

Affected Software

VendorProductVersion RangeStatus
MediaTek, Inc.MT9011, MT9215, MT9216, MT9220, MT9221, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9288, MT9600, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9666, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688Android 9.0, 10.0, 11.0 or Linux Kernel 4.9, 4.19affected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References