Details of VAR-202207-0322

ID

VAR-202207-0322

CVE

CVE-2022-21779

TITLE

Google of Android Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-012848

DESCRIPTION

In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393. Google of Android Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. MediaTek Inc. is the world's fourth largest fab semiconductor company, with a leading position in mobile terminals, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion units a year End products with built-in MediaTek chips are available worldwide. Several MediaTek chip WLAN drivers have an input validation error vulnerability. An attacker could exploit the vulnerability to escalate local privileges without requiring user interaction

Trust: 2.25

sources: NVD: CVE-2022-21779 // JVNDB: JVNDB-2022-012848 // CNVD: CNVD-2022-66249 // VULMON: CVE-2022-21779

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-66249

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	eq	version:	11.0	Trust: 1.8
vendor:	google	model:	android	scope:	eq	version:	12.0	Trust: 1.8
vendor:	google	model:	android	scope:	eq	version:	-	Trust: 0.8
vendor:	google	model:	android	scope:	-	version:	-	Trust: 0.8
vendor:	mediatek	model:	mt8168 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8168 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8365 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8365 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8696 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8696 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6761 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6761 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6779 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6779 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6781 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6781 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6833 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6833 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6873 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6873 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6877 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6877 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6883 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6883 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6885 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6885 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6889 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6889 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6983 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6983 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8667 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8667 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8675 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8675 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8766 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8766 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8768 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8768 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8786 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8786 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8788 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8788 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8789 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8789 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8797 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8797 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6853 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6853 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6879 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6879 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6893 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6893 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6895 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt6895 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8167s android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8167s android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8183 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8183 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8185 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8185 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8362a android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8362a android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8385 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8385 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8791 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8791 android12.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8175 android11.0	scope:	-	version:	-	Trust: 0.6
vendor:	mediatek	model:	mt8175 android12.0	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2022-66249 // JVNDB: JVNDB-2022-012848 // NVD: CVE-2022-21779

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-21779
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-21779
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2022-66249
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202207-466
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2022-21779
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-21779
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2022-66249
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-21779
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-21779
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-66249 // VULMON: CVE-2022-21779 // JVNDB: JVNDB-2022-012848 // CNNVD: CNNVD-202207-466 // NVD: CVE-2022-21779

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-012848 // NVD: CVE-2022-21779

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-466

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-466

PATCH

title:	Patch for Multiple MediaTek chip WLAN driver input validation error vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/353606	Trust: 0.6
title:	Google Android Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=199240	Trust: 0.6

sources: CNVD: CNVD-2022-66249 // CNNVD: CNNVD-202207-466

EXTERNAL IDS

db:	NVD	id:	CVE-2022-21779	Trust: 3.9
db:	JVNDB	id:	JVNDB-2022-012848	Trust: 0.8
db:	CNVD	id:	CNVD-2022-66249	Trust: 0.6
db:	CS-HELP	id:	SB2022070819	Trust: 0.6
db:	CNNVD	id:	CNNVD-202207-466	Trust: 0.6
db:	VULMON	id:	CVE-2022-21779	Trust: 0.1

sources: CNVD: CNVD-2022-66249 // VULMON: CVE-2022-21779 // JVNDB: JVNDB-2022-012848 // CNNVD: CNNVD-202207-466 // NVD: CVE-2022-21779

REFERENCES

url:	https://corp.mediatek.com/product-security-bulletin/july-2022	Trust: 3.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21779	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022070819	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-21779/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2022-66249 // VULMON: CVE-2022-21779 // JVNDB: JVNDB-2022-012848 // CNNVD: CNNVD-202207-466 // NVD: CVE-2022-21779

SOURCES

db:	CNVD	id:	CNVD-2022-66249
db:	VULMON	id:	CVE-2022-21779
db:	JVNDB	id:	JVNDB-2022-012848
db:	CNNVD	id:	CNNVD-202207-466
db:	NVD	id:	CVE-2022-21779

LAST UPDATE DATE

2024-08-14T12:46:16.815000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-66249	date:	2022-09-28T00:00:00
db:	VULMON	id:	CVE-2022-21779	date:	2022-07-13T00:00:00
db:	JVNDB	id:	JVNDB-2022-012848	date:	2023-09-01T08:17:00
db:	CNNVD	id:	CNNVD-202207-466	date:	2022-07-14T00:00:00
db:	NVD	id:	CVE-2022-21779	date:	2022-07-13T16:18:00.790

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-66249	date:	2022-09-29T00:00:00
db:	VULMON	id:	CVE-2022-21779	date:	2022-07-06T00:00:00
db:	JVNDB	id:	JVNDB-2022-012848	date:	2023-09-01T00:00:00
db:	CNNVD	id:	CNNVD-202207-466	date:	2022-07-06T00:00:00
db:	NVD	id:	CVE-2022-21779	date:	2022-07-06T14:15:17.837