November 2024 Product Security Bulletin

Published 2024-11-04
The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek Smartphone, Tablet, AIoT, Smart display, Smart platform, OTT, Computer Vision and Audio chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least two months before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).


Summary

Severity CVEs
High CVE-2024-20104, CVE-2024-20106
Medium CVE-2024-20107, CVE-2024-20108, CVE-2024-20109, CVE-2024-20110, CVE-2024-20111, CVE-2024-20112, CVE-2024-20113, CVE-2024-20114, CVE-2024-20115, CVE-2024-20117, CVE-2024-20118, CVE-2024-20119, CVE-2024-20120, CVE-2024-20121, CVE-2024-20122, CVE-2024-20123, CVE-2024-20124


Details

CVE CVE-2024-20104
Title Out-of-bounds write in DA
Severity High
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Affected Chipsets MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8370, MT8390, MT8676
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0 / openWRT 19.07, 21.02, 23.05 / Yocto 4.0 / RDK-B 22Q3, 24Q1

CVE CVE-2024-20106
Title Type confusion in m4u
Severity High
Vulnerability Type EoP
CWE CWE-843 Type Confusion
Description In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6739, MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8666, MT8667, MT8673, MT8678
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20107
Title Out-of-bounds read in DA
Severity Medium
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8370, MT8390, MT8676
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0 / openWRT 19.07, 21.02, 23.05 / Yocto 4.0 / RDK-B 22Q3, 24Q1

CVE CVE-2024-20108
Title Out-of-bounds write in atci
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20109
Title Out-of-bounds write in ccu
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20110
Title Out-of-bounds write in ccu
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20111
Title Out-of-bounds write in ccu
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20112
Title Out-of-bounds read in isp
Severity Medium
Vulnerability Type DoS
CWE CWE-125 Out-of-bounds Read
Description In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation.
Affected Chipsets MT6878, MT6886, MT6897, MT6985, MT8676
Affected Software Versions Android 13.0, 14.0

CVE CVE-2024-20113
Title Out-of-bounds write in ccu
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT8188, MT8195
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20114
Title Out-of-bounds write in ccu
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20115
Title Out-of-bounds write in ccu
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20117
Title Out-of-bounds read in vdec
Severity Medium
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6765, MT6768, MT6779, MT6785, MT8766, MT8768, MT8789
Affected Software Versions Android 12.0

CVE CVE-2024-20118
Title Write-what-where condition in mms
Severity Medium
Vulnerability Type EoP
CWE CWE-123 Write-what-where Condition
Description In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676, MT8792
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20119
Title Write-what-where condition in mms
Severity Medium
Vulnerability Type EoP
CWE CWE-123 Write-what-where Condition
Description In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20120
Title Out-of-bounds write in KeyInstall
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT6833, MT6835, MT6853, MT6855, MT6879, MT6886, MT6893, MT6983, MT8321, MT8385, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20121
Title Out-of-bounds write in KeyInstall
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6765, MT6768, MT6833, MT6835, MT6853, MT6855, MT6879, MT6886, MT6893, MT6983, MT6989, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798
Affected Software Versions Android 12.0, 13.0, 14.0, 15.0

CVE CVE-2024-20122
Title Out-of-bounds read in vdec
Severity Medium
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6765, MT6768, MT6779, MT6785, MT8766, MT8768, MT8789
Affected Software Versions Android 12.0

CVE CVE-2024-20123
Title Out-of-bounds read in vdec
Severity Medium
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6765, MT6768, MT6779, MT6785, MT8766, MT8768, MT8789
Affected Software Versions Android 12.0

CVE CVE-2024-20124
Title Out-of-bounds read in vdec
Severity Medium
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6765, MT6768, MT6779, MT6785, MT8766, MT8768, MT8789
Affected Software Versions Android 12.0


Vulnerability Type Definition

Abbreviation Definition
RCE Remote Code Execution
EoP Elevation of Privilege
ID Information Disclosure
DoS Denial of Service
N/A Classification not available


Versions

Version Date Description
1.0 November 4, 2024 Bulletin published.


Notes

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.