Overview
CVE-2025-20791 is a critical vulnerability affecting MediaTek modem components. The flaw stems from incorrect error handling within the modem firmware, potentially leading to a system crash. A successful exploit results in a remote denial-of-service (DoS) condition, effectively rendering the affected device unusable. The vulnerability is particularly concerning because it requires no user interaction and can be triggered remotely by a malicious actor controlling a rogue base station.
Technical Details
The vulnerability, identified as Issue ID MSV-4298, arises from improper error handling within the modem software. When a User Equipment (UE) connects to a rogue base station controlled…
Overview
CVE-2025-20790 describes a vulnerability in the modem component that could lead to a system crash and a subsequent remote denial of service (DoS). The vulnerability stems from improper input validation within the modem's firmware. An attacker could exploit it by controlling a rogue base station and forcing a vulnerable device to connect to it. Once connected and receiving malicious data, the modem would crash, resulting in a DoS condition.
Technical Details
The vulnerability resides in the modem component. Specifically, the improper input validation allows a specially crafted input to trigger a system crash. An attacker needs to set up…
Overview
CVE-2025-20789 describes a potential information disclosure vulnerability in the GPU PDMA (Peripheral Direct Memory Access) component. A missing bounds check could allow a malicious actor to access sensitive information. Exploitation requires local access and user interaction.
Technical Details
The vulnerability stems from the lack of proper bounds checking within the GPU PDMA implementation. Specifically, when handling memory access requests through the PDMA, the system fails to validate the requested memory address against the allocated boundaries. This oversight could allow a local attacker, with sufficient knowledge of the system's memory layout and after some form…
Overview
CVE-2025-20788 describes a memory corruption vulnerability in the GPU PDMA (Peripheral Direct Memory Access) implementation. The flaw stems from a missing permission check, potentially allowing a local attacker to trigger a denial-of-service (DoS) condition. Exploitation requires user interaction. A patch is available to address this issue.
Technical Details
The vulnerability resides within the GPU PDMA subsystem. The missing permission check could allow an attacker to manipulate memory regions in an unintended manner. This unauthorized memory access can lead to memory corruption, causing the device to crash or become unstable. The assigned Patch ID for this issue is ALPS10117735…
Overview
CVE-2025-20777 describes a critical vulnerability in MediaTek display drivers. It allows a local escalation of privilege: an attacker who has already gained System privilege on the device could elevate their privileges further and gain more control over the system. The vulnerability stems from a missing bounds check, leading to a potential out-of-bounds write. No user interaction is required to exploit this flaw once the attacker holds the initial System privilege.
Technical Details
The vulnerability is located within the display driver component of MediaTek devices. Specifically, a missing bounds check allows for an out-of-bounds write…
Overview
CVE-2025-20776 describes a potential security vulnerability in MediaTek's display driver. If exploited, it could allow a local attacker who has already achieved System privilege to escalate their privileges further. User interaction is *not* required for successful exploitation once the initial System privilege is obtained.
Technical Details
The root cause of CVE-2025-20776 is a missing bounds check within the display driver code. Specifically, the vulnerability exists in the processing of display data, where an out-of-bounds read can occur. This happens because the driver fails to properly validate the size or index of the data being accessed, leading to the…
Overview
CVE-2025-20775 is a security vulnerability affecting MediaTek display drivers. This use-after-free vulnerability could allow a malicious actor who has already obtained System privilege to escalate their privileges further on a vulnerable device. Exploitation does not require user interaction. The vulnerability has been assigned Patch ID ALPS10182914 and Issue ID MSV-4795.
Technical Details
The vulnerability stems from a use-after-free condition within the MediaTek display driver. Use-after-free vulnerabilities occur when memory that has already been freed is accessed again. In this case, the display driver might access a memory location that has already been deallocated, leading to memory corruption…
Overview
CVE-2025-20774 describes a security vulnerability in MediaTek's display driver. It is an out-of-bounds write issue stemming from a missing bounds check within the display component. Exploitation could allow a local attacker who has already gained System privileges to escalate their privileges further. MediaTek has assigned the vulnerability Patch ID ALPS10196993 and Issue ID MSV-4796.
Technical Details
The root cause of CVE-2025-20774 is a missing bounds check in the display driver code. Without proper validation of input sizes or array indices, a malicious actor can write data outside of the allocated memory buffer.…
Overview
CVE-2025-20773 is a security vulnerability affecting MediaTek display drivers. It is a use-after-free issue that, under specific circumstances, can lead to a local escalation of privilege. A successful exploit requires the attacker to have already obtained System privilege on the affected device. The vulnerability, identified by Patch ID ALPS10196993 and Issue ID MSV-4797, does not require user interaction for exploitation.
Technical Details
The root cause of CVE-2025-20773 is a use-after-free vulnerability within the display driver: the driver attempts to access memory that has already been freed. This can occur due to race conditions, improper memory…
Overview
CVE-2025-20772 is a security vulnerability affecting MediaTek display drivers. Classified as a use-after-free, it could allow a local attacker with existing System privileges to escalate their privileges further. Exploitation does not require user interaction. A patch, identified as ALPS10196993, addresses this issue.
Technical Details
The vulnerability lies in the display driver code, where memory corruption due to a use-after-free condition can occur. Specifically, a memory location is freed, but the driver continues to access it. This can lead to unpredictable behavior, including arbitrary code execution if the freed memory is reallocated to a malicious…