Vulnerability Description
In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | 12.0 | |
| Mediatek | Mt6883 | - |
| Mediatek | Mt6885 | - |
| Mediatek | Mt6889 | - |
| Mediatek | Mt6893 | - |
| Mediatek | Mt6895 | - |
| Mediatek | Mt6983 | - |
| Mediatek | Mt6985 | - |
| Mediatek | Mt8797 | - |
| Mediatek | Mt8798 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/175662/Android-mtk_jpeg-Driver-Race-Conditi
- https://corp.mediatek.com/product-security-bulletin/November-2023Vendor Advisory
- http://packetstormsecurity.com/files/175662/Android-mtk_jpeg-Driver-Race-Conditi
- https://corp.mediatek.com/product-security-bulletin/November-2023Vendor Advisory
FAQ
What is CVE-2023-32832?
CVE-2023-32832 is a vulnerability with a CVSS score of 7.0 (HIGH). In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
How severe is CVE-2023-32832?
CVE-2023-32832 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-32832?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android, Mediatek Mt6883, Mediatek Mt6885, Mediatek Mt6889, Mediatek Mt6893.