CVE-2021-32487

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:mediatek:modem:lr12a:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:modem:lr13:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:07

Type Values Removed Values Added
References () https://corp.mediatek.com/product-security-bulletin/September-2021 - Vendor Advisory () https://corp.mediatek.com/product-security-bulletin/September-2021 - Vendor Advisory

21 Sep 2021, 19:40

Type Values Removed Values Added
CWE CWE-787
References (MISC) https://corp.mediatek.com/product-security-bulletin/September-2021 - (MISC) https://corp.mediatek.com/product-security-bulletin/September-2021 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 7.8
v3 : 7.5
CPE cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:modem:lr13:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:modem:lr12a:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*

09 Sep 2021, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-09-09 16:15

Updated : 2024-11-21 06:07


NVD link : CVE-2021-32487

Mitre link : CVE-2021-32487

CVE.ORG link : CVE-2021-32487


JSON object : View

Products Affected

mediatek

  • mt6785
  • modem
  • mt6768
  • mt6771
  • mt6769z
  • mt6779
  • mt6765t
  • mt6762d
  • mt6767
  • mt6785t
  • mt6761
  • mt6762m
  • mt6783
  • mt6769
  • mt6763
  • mt6762
  • mt6769t
  • mt6739
  • mt6765
CWE
CWE-787

Out-of-bounds Write