VDB
CNVD-2022-66252
CNVD-2022-66252
PUBLISHED
联发科技股份有限公司(MediaTek Inc.)是全球第四大晶圆厂半导体公司,在移动终端、智能家居应用、无线连接技术及物联网产品等市场位居领先地位,一年约有15亿台内建MediaTek芯片的终端产品在全球各地上市。 多款MediaTek芯片蓝牙存在缓冲区溢出漏洞,该漏洞源于在蓝牙中缺少边界检查。攻击者可利用漏洞在不需要用户交互的前提条件,进行本地权限提升。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| MediaTek MT8175 Android12.0 | ||
| MediaTek MT8365 Android 8.1 | ||
| MediaTek MT8175 Android11.0 | ||
| MediaTek MT8362A Android11.0 | ||
| MediaTek MT8385 Android10.0 | ||
| MediaTek MT8167 Android11.0 | ||
| MediaTek MT8385 Android9.0 | ||
| MediaTek MT8365 Android12.0 | ||
| MediaTek MT8362A Android12.0 | ||
| MediaTek MT8183 Android 8.1 | ||
| MediaTek MT8385 Android12.0 | ||
| MediaTek MT8167 Android12.0 | ||
| MediaTek MT8167 Android9.0 | ||
| MediaTek MT8385 Android 8.1 | ||
| MediaTek MT8183 Android9.0 | ||
| MediaTek MT8175 Android 8.1 | ||
| MediaTek MT8362A Android 8.1 | ||
| MediaTek MT8362A Android10.0 | ||
| MediaTek MT8167 Android10.0 | ||
| MediaTek MT8385 Android11.0 |
…and 10 more
Timeline
- Jul 8, 2022 CVE ID Reserved
- Sep 29, 2022 CVE Published