CVE-2021-0629 - OpenCVE

In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Mediatek	Mt6875 Mt9686 Mt6893 Mt9970 Mt9638 Mt8195 Mt6885 Mt9669 Mt8791 Mt9650 Mt6873 Mt9639 Mt8797 Mt9652 Mt6889 Mt9980 Mt6883 Mt9981 Mt6891 Mt9636
Google	Android

Configuration 1 [-]

AND

OR	cpe:2.3:o:google:android:10.0:::::::*
	cpe:2.3:o:google:android:11.0:::::::*

OR	cpe:2.3:h:mediatek:mt6873:-:::::::*
	cpe:2.3:h:mediatek:mt6875:-:::::::*
	cpe:2.3:h:mediatek:mt6883:-:::::::*
	cpe:2.3:h:mediatek:mt6885:-:::::::*
	cpe:2.3:h:mediatek:mt6889:-:::::::*
	cpe:2.3:h:mediatek:mt6891:-:::::::*
	cpe:2.3:h:mediatek:mt6893:-:::::::*
	cpe:2.3:h:mediatek:mt8195:-:::::::*
	cpe:2.3:h:mediatek:mt8791:-:::::::*
	cpe:2.3:h:mediatek:mt8797:-:::::::*
	cpe:2.3:h:mediatek:mt9636:-:::::::*
	cpe:2.3:h:mediatek:mt9638:-:::::::*
	cpe:2.3:h:mediatek:mt9639:-:::::::*
	cpe:2.3:h:mediatek:mt9650:-:::::::*
	cpe:2.3:h:mediatek:mt9652:-:::::::*
	cpe:2.3:h:mediatek:mt9669:-:::::::*
	cpe:2.3:h:mediatek:mt9686:-:::::::*
	cpe:2.3:h:mediatek:mt9970:-:::::::*
	cpe:2.3:h:mediatek:mt9980:-:::::::*
	cpe:2.3:h:mediatek:mt9981:-:::::::*

References

Link	Resource
https://corp.mediatek.com/product-security-bulletin/November-2021	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: google_android

Published: 2021-11-18T14:56:02

Updated: 2021-11-18T14:56:02

Reserved: 2020-11-06T00:00:00

Link: CVE-2021-0629

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-18T15:15:08.397

Modified: 2021-11-19T17:49:19.033

Link: CVE-2021-0629

JSON object: View

Redhat Information

No data.

CWE

CWE-416

{"containers": {"cna": {"affected": [{"product": "MT6873, MT6875, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981", "vendor": "n/a", "versions": [{"status": "affected", "version": "Android 10.0, 11.0"}]}], "descriptions": [{"lang": "en", "value": "In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625."}], "problemTypes": [{"descriptions": [{"description": "Elevation of Privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-11-18T14:56:02", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://corp.mediatek.com/product-security-bulletin/November-2021"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@android.com", "ID": "CVE-2021-0629", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MT6873, MT6875, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981", "version": {"version_data": [{"version_value": "Android 10.0, 11.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "references": {"reference_data": [{"name": "https://corp.mediatek.com/product-security-bulletin/November-2021", "refsource": "MISC", "url": "https://corp.mediatek.com/product-security-bulletin/November-2021"}]}}}}, "cveMetadata": {"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2021-0629", "datePublished": "2021-11-18T14:56:02", "dateReserved": "2020-11-06T00:00:00", "dateUpdated": "2021-11-18T14:56:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*", "matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*", "matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*", "matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*", "matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*", "matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*", "matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*", "matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*", "matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*", "matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625."}, {"lang": "es", "value": "En mdlactl driver, se presenta una posible corrupci\u00f3n de memoria debido a un uso de memoria previamente liberadaa. Esto podr\u00eda conllevar a una escalada de privilegios local con privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05776625; ID del Problema: ALPS05776625."}], "id": "CVE-2021-0629", "lastModified": "2021-11-19T17:49:19.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-11-18T15:15:08.397", "references": [{"source": "security@android.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/November-2021"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}