CVE-2023-20835 - Vulnerability Details - OpenCVE

In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Google	Android
Linuxfoundation	Yocto
Mediatek	Iot Yocto Mt6895 Mt6983 Mt8188 Mt8195 Mt8395 Mt8781

Configuration 1 [-]

AND

OR	cpe:2.3:a:linuxfoundation:yocto:4.0:::::::*
	cpe:2.3:a:mediatek:iot_yocto:23.0:::::::*
	cpe:2.3:o:google:android:12.0:::::::*
	cpe:2.3:o:google:android:13.0:::::::*

OR	cpe:2.3:h:mediatek:mt6895:-:::::::*
	cpe:2.3:h:mediatek:mt6983:-:::::::*
	cpe:2.3:h:mediatek:mt8188:-:::::::*
	cpe:2.3:h:mediatek:mt8195:-:::::::*
	cpe:2.3:h:mediatek:mt8395:-:::::::*
	cpe:2.3:h:mediatek:mt8781:-:::::::*

No data.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/September-2023

History

Mon, 21 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2023-09-04T02:27:40.600Z

Updated: 2024-10-21T16:59:12.216Z

Reserved: 2022-10-28T02:03:23.686Z

Link: CVE-2023-20835

Vulnrichment

Updated: 2024-08-02T09:14:41.159Z

NVD

Status : Modified

Published: 2023-09-04T03:15:10.183

Modified: 2024-11-21T07:41:39.357

Link: CVE-2023-20835

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20835", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2022-10-28T02:03:23.686Z", "datePublished": "2023-09-04T02:27:40.600Z", "dateUpdated": "2024-10-21T16:59:12.216Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2023-09-04T02:27:40.600Z"}, "descriptions": [{"lang": "en", "value": "In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT6895, MT6983, MT8188, MT8195, MT8395, MT8781", "versions": [{"version": "Android 12.0, 13.0 / IOT-v23.0 (Yocto 4.0)", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Elevation of Privilege"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:14:41.159Z"}, "title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/September-2023", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-362", "lang": "en", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-416", "lang": "en", "description": "CWE-416 Use After Free"}]}], "affected": [{"vendor": "mediatek", "product": "mt8781", "cpes": ["cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}, {"version": "Android 13.0", "status": "affected"}, {"version": "IOT-v23.0 (Yocto 4.0)", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-15T17:15:43.579088Z", "id": "CVE-2023-20835", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T16:59:12.216Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/September-2023", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:14:41.159Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-20835", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-15T17:15:43.579088Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8781", "versions": [{"status": "affected", "version": "Android 12.0"}, {"status": "affected", "version": "Android 13.0"}, {"status": "affected", "version": "IOT-v23.0 (Yocto 4.0)"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T16:59:03.739Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MT6895, MT6983, MT8188, MT8195, MT8395, MT8781", "versions": [{"status": "affected", "version": "Android 12.0, 13.0 / IOT-v23.0 (Yocto 4.0)"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/September-2023"}], "descriptions": [{"lang": "en", "value": "In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Elevation of Privilege"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2023-09-04T02:27:40.600Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20835", "state": "PUBLISHED", "dateUpdated": "2024-10-21T16:59:12.216Z", "dateReserved": "2022-10-28T02:03:23.686Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2023-09-04T02:27:40.600Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570."}, {"lang": "es", "value": "En camsys, existe un posible Use After Free debido a una condici\u00f3n de carrera. Esto podr\u00eda llevar a una escalada local de privilegios con necesidad de privilegios de ejecuci\u00f3n del sistema. No es necesaria la interacci\u00f3n del usuario para la explotaci\u00f3n. ID del parche: ALPS07341261; ID de la incidencia: ALPS07326570. "}], "id": "CVE-2023-20835", "lastModified": "2024-11-21T07:41:39.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-09-04T03:15:10.183", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/September-2023"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/September-2023"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}