Back to all manufacturers

MediaTek

MediaTek is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

CVE-2016-0820

(json)

• CVE numbers: CVE-2016-0820 [Bulletin-CVE-2016-0820]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in MediaTek Wi-Fi Kernel Driver
• Details: The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358. [NIST-CVE-2016-0820]
• Discovered by: on: Unknown
• Reported on: 2016-03-01 [Bulletin-CVE-2016-0820]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: 6.0.1 [Bulletin-CVE-2016-0820] regex: (6.0.1)
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-0820]
• Fixed versions: 6.0.1 [Bulletin-CVE-2016-0820]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3767

(json)

• CVE numbers: CVE-2016-3767 [Bulletin-CVE-2016-3767]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek Wi-Fi driver
• Details: The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28169363 and MediaTek internal bug ALPS02689526. [NIST-CVE-2016-3767]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3767]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3767]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3770

(json)

• CVE numbers: CVE-2016-3770 [Bulletin-CVE-2016-3770]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek drivers (Device specific)
• Details: The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28346752 and MediaTek internal bug ALPS02703102. [NIST-CVE-2016-3770]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3770]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3770]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3771

(json)

• CVE numbers: CVE-2016-3771 [Bulletin-CVE-2016-3771]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek drivers (Device specific)
• Details: The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS02703102. [NIST-CVE-2016-3771]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3771]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3771]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3772

(json)

• CVE numbers: CVE-2016-3772 [Bulletin-CVE-2016-3772]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek drivers (Device specific)
• Details: The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008188 and MediaTek internal bug ALPS02703102. [NIST-CVE-2016-3772]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3772]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3772]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3773

(json)

• CVE numbers: CVE-2016-3773 [Bulletin-CVE-2016-3773]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek drivers (Device specific)
• Details: The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008363 and MediaTek internal bug ALPS02703102. [NIST-CVE-2016-3773]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3773]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3773]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3774

(json)

• CVE numbers: CVE-2016-3774 [Bulletin-CVE-2016-3774]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek drivers (Device specific)
• Details: The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS02703102. [NIST-CVE-2016-3774]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3774]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3774]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3928

(json)

• CVE numbers: CVE-2016-3928 [Bulletin-CVE-2016-3928]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek video driver
• Details: The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384. [NIST-CVE-2016-3928]
• Discovered by: on: Unknown
• Reported on: 2016-10-01 [Bulletin-CVE-2016-3928]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-3928]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-8433

(json)

• CVE numbers: CVE-2016-8433 [Bulletin-CVE-2016-8433]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek driver
• Details: An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31750190. References: MT-ALPS02974192. [NIST-CVE-2016-8433]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8433]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-8433]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0500

(json)

• CVE numbers: CVE-2017-0500 [Bulletin-CVE-2017-0500]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28429685. References: M-ALPS02710006. [NIST-CVE-2017-0500]
• Discovered by: pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. [Discovery-CVE-2017-0500] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0500]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0500]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0501

(json)

• CVE numbers: CVE-2017-0501 [Bulletin-CVE-2017-0501]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430015. References: M-ALPS02708983. [NIST-CVE-2017-0501]
• Discovered by: pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. [Discovery-CVE-2017-0501] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0501]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0501]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0502

(json)

• CVE numbers: CVE-2017-0502 [Bulletin-CVE-2017-0502]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430164. References: M-ALPS02710027. [NIST-CVE-2017-0502]
• Discovered by: pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. [Discovery-CVE-2017-0502] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0502]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0502]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0503

(json)

• CVE numbers: CVE-2017-0503 [Bulletin-CVE-2017-0503]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28449045. References: M-ALPS02710075. [NIST-CVE-2017-0503]
• Discovered by: pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. [Discovery-CVE-2017-0503] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0503]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0503]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0504

(json)

• CVE numbers: CVE-2017-0504 [Bulletin-CVE-2017-0504]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30074628. References: M-ALPS02829371. [NIST-CVE-2017-0504]
• Discovered by: Scott Bauer (@ScottyBauer1) [Discovery-CVE-2017-0504] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0504]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0504]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0505

(json)

• CVE numbers: CVE-2017-0505 [Bulletin-CVE-2017-0505]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31822282. References: M-ALPS02992041. [NIST-CVE-2017-0505]
• Discovered by: salls (@chris_salls) of Shellphish Grill Team, UC Santa Barbara [Discovery-CVE-2017-0505] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0505]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0505]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0506

(json)

• CVE numbers: CVE-2017-0506 [Bulletin-CVE-2017-0506]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek components
• Details: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32276718. References: M-ALPS03006904. [NIST-CVE-2017-0506]
• Discovered by: Yang Song of Alibaba Mobile Security Group [Discovery-CVE-2017-0506] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0506]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2017-0506]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10274

(json)

• CVE numbers: CVE-2016-10274 [Bulletin-CVE-2016-10274]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in MediaTek touchscreen driver
• Details: An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901. [NIST-CVE-2016-10274]
• Discovered by: Scott Bauer (@ScottyBauer1) [Discovery-CVE-2016-10274] on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2016-10274]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2016-10274]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2018-9373

(json)

• CVE numbers: CVE-2018-9373 [Bulletin-CVE-2018-9373]
• Coordinated disclosure?: unknown
• Categories: MediaTek components
• Details:
• Discovered by: on: Unknown
• Reported on: 2018-06-01 [Bulletin-CVE-2018-9373]
• Fixed on: Unknown
• Fix released on: 2018-06-05 [Bulletin-CVE-2018-9373]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: MediaTek [Bulletin-CVE-2018-9373]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25