CVE-2024-20116

Summary

In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696.

Affected Software

VendorProductVersion RangeStatus
MediaTek, Inc.MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798Android 12.0affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References