Vulnerability Description
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | 10.0 | |
| Mediatek | Mt6580 | - |
| Mediatek | Mt6582 90 | - |
| Mediatek | Mt6582E | - |
| Mediatek | Mt6582H | - |
| Mediatek | Mt6582T | - |
| Mediatek | Mt6582W | - |
| Mediatek | Mt6589 | - |
| Mediatek | Mt6589Td | - |
| Mediatek | Mt6592 90 | - |
| Mediatek | Mt6592E | - |
| Mediatek | Mt6592H | - |
| Mediatek | Mt6592T | - |
| Mediatek | Mt6592W | - |
| Mediatek | Mt6595 | - |
| Mediatek | Mt6731 | - |
| Mediatek | Mt6732 | - |
| Mediatek | Mt6735 | - |
| Mediatek | Mt6737 | - |
| Mediatek | Mt6739 | - |
Related Weaknesses (CWE)
References
- https://corp.mediatek.com/product-security-bulletin/September-2021Vendor Advisory
- https://corp.mediatek.com/product-security-bulletin/September-2021Vendor Advisory
FAQ
What is CVE-2021-0612?
CVE-2021-0612 is a vulnerability with a CVSS score of 7.8 (HIGH). In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl...
How severe is CVE-2021-0612?
CVE-2021-0612 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-0612?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android, Mediatek Mt6580, Mediatek Mt6582 90, Mediatek Mt6582E, Mediatek Mt6582H.