Vulnerability Name:

CVE-2022-20107 (CCN-225692)

Assigned:2021-10-12
Published:2022-05-03
Updated:2022-05-12
Summary:In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673.
CVSS v3 Severity:4.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
3.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
4.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
3.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-190
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2022-20107

Source: CCN
Type: MediaTek Web site
May 2022 Product Security Bulletin

Source: MISC
Type: Vendor Advisory
https://corp.mediatek.com/product-security-bulletin/May-2022

Source: XF
Type: UNKNOWN
mediatek-cve202220107-dos(225692)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:google:android:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:google:android:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:google:android:11.0:*:*:*:*:*:*:*
  • AND
  • cpe:/h:mediatek:mt9629:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9631:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9632:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9636:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9638:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9639:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9650:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9652:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9669:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9670:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9011:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9215:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9216:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9220:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9221:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9255:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9256:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9266:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9269:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9285:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9286:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9288:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9600:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9602:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9610:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9611:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9675:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9685:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9686:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9688:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9612:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9613:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9615:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9617:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9630:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9666:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:linux:linux_kernel:4.9:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:4.19:-:*:*:*:*:*:*
  • AND
  • cpe:/h:mediatek:mt9629:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9631:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9632:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9636:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9638:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9639:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9650:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9652:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9669:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9670:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9011:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9215:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9216:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9220:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9221:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9255:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9256:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9266:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9269:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9285:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9286:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9288:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9600:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9602:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9610:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9611:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9675:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9685:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9686:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9688:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9612:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9613:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9615:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9617:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9630:-:*:*:*:*:*:*:*
  • OR cpe:/h:mediatek:mt9666:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    google android 9.0
    google android 10.0
    google android 11.0
    mediatek mt9629 -
    mediatek mt9631 -
    mediatek mt9632 -
    mediatek mt9636 -
    mediatek mt9638 -
    mediatek mt9639 -
    mediatek mt9650 -
    mediatek mt9652 -
    mediatek mt9669 -
    mediatek mt9670 -
    mediatek mt9011 -
    mediatek mt9215 -
    mediatek mt9216 -
    mediatek mt9220 -
    mediatek mt9221 -
    mediatek mt9255 -
    mediatek mt9256 -
    mediatek mt9266 -
    mediatek mt9269 -
    mediatek mt9285 -
    mediatek mt9286 -
    mediatek mt9288 -
    mediatek mt9600 -
    mediatek mt9602 -
    mediatek mt9610 -
    mediatek mt9611 -
    mediatek mt9675 -
    mediatek mt9685 -
    mediatek mt9686 -
    mediatek mt9688 -
    mediatek mt9612 -
    mediatek mt9613 -
    mediatek mt9615 -
    mediatek mt9617 -
    mediatek mt9630 -
    mediatek mt9666 -
    linux linux kernel 4.9
    linux linux kernel 4.19
    mediatek mt9629 -
    mediatek mt9631 -
    mediatek mt9632 -
    mediatek mt9636 -
    mediatek mt9638 -
    mediatek mt9639 -
    mediatek mt9650 -
    mediatek mt9652 -
    mediatek mt9669 -
    mediatek mt9670 -
    mediatek mt9011 -
    mediatek mt9215 -
    mediatek mt9216 -
    mediatek mt9220 -
    mediatek mt9221 -
    mediatek mt9255 -
    mediatek mt9256 -
    mediatek mt9266 -
    mediatek mt9269 -
    mediatek mt9285 -
    mediatek mt9286 -
    mediatek mt9288 -
    mediatek mt9600 -
    mediatek mt9602 -
    mediatek mt9610 -
    mediatek mt9611 -
    mediatek mt9675 -
    mediatek mt9685 -
    mediatek mt9686 -
    mediatek mt9688 -
    mediatek mt9612 -
    mediatek mt9613 -
    mediatek mt9615 -
    mediatek mt9617 -
    mediatek mt9630 -
    mediatek mt9666 -