Product Security Acknowledgements

Product Security Acknowledgements

The MediaTek Security Team would like to thank the following people and parties for making a responsible disclosure to us and helping to improve MediaTek security.

2021

Researchers CVEs Technical Details
Le Wu (吴乐) of Baidu Security CVE-2021-0573

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0574

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0576

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0626

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0627

There is a possible memory corruption due to an integer overflow.

CVE-2021-0628

There is a possible memory corruption due to improper input validation.

CVE-2021-0629

There is a possible memory corruption due to a use after free.

CVE-2021-0577

There is a possible out of bounds write due to a heap buffer overflow.

CVE-2021-0633

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0634

There is a possible memory corruption due to uninitialized data.

CVE-2021-0655

There is a possible memory corruption due to an incorrect bounds check.

CVE-2021-0656

There is a possible memory corruption due to a use after free.

CVE-2021-0415

There is a possible information disclosure due to a missing permission check.

CVE-2021-0416

There is a possible system crash due to improper input validation.

CVE-2021-0417

There is a possible system crash due to improper input validation.

CVE-2021-0418

There is a possible system crash due to improper input validation.

CVE-2021-0419

There is a possible system crash due to improper input validation.

CVE-2021-0525

There is a possible out of bounds write due to a use after free.

CVE-2021-0526

There is a possible out of bounds write due to uninitialized data.

CVE-2021-0420

There is a possible system crash due to a missing bounds check.

CVE-2021-0527

There is a possible memory corruption due to a use after free.

CVE-2021-0421

There is a possible information disclosure due to a missing bounds check.

CVE-2021-0422

There is a possible system crash due to a missing bounds check.

CVE-2021-0423

There is a possible information disclosure due to uninitialized data.

CVE-2021-0424

There is a possible system crash due to a missing bounds check.

CVE-2021-0528

There is a possible memory corruption due to a double free.

CVE-2021-0529

There is a possible memory corruption due to improper locking.

CVE-2021-0425

There is a possible side channel information disclosure.

CVE-2021-0530

There is a possible out of bounds write due to uninitialized data.

CVE-2021-0531

There is a possible memory corruption due to a use after free.

CVE-2021-0532

There is a possible memory corruption due to a race condition.

CVE-2021-0610

There is a possible memory corruption due to an integer overflow.

CVE-2021-0533

There is a possible memory corruption due to a race condition.

CVE-2021-0611

There is a possible memory corruption due to a use after free.

CVE-2021-0612

There is a possible memory corruption due to a use after free.

CVE-2021-0613

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2021-0614

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2021-0615

There is a possible out of bounds read due to an integer overflow.

CVE-2021-0616

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0617

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0618

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0619

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0620

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0621

There is a possible out of bounds read due to an integer overflow.

CVE-2021-0622

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0623

There is a possible out of bounds read due to an integer overflow.

CVE-2021-0624

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0625

There is a possible memory corruption due to improper locking.

CVE-2021-0489

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0490

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0492

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0493

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0494

There is a possible out of bounds write due to an integer overflow.

CVE-2021-0495

There is a possible out of bounds write due to uninitialized data.

CVE-2021-0491

There is a possible escalation of privilege due to a missing permission check.

CVE-2021-0496

There is a possible memory corruption due to a use after free.

CVE-2021-0497

There is a possible memory corruption due to a use after free.

CVE-2021-0498

There is a possible memory corruption due to a double free.

CVE-2021-0408

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2021-0409

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2021-0410

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2021-0411

There is a possible out of bounds read due to an integer overflow.

CVE-2021-0412

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0413

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0414

There is a possible out of bounds read due to a heap buffer overflow.

CVE-2021-0407

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0366

There is a possible memory corruption due to a race condition.

CVE-2021-0367

There is a possible memory corruption due to a race condition.

CVE-2021-0401

There is a possible memory corruption due to a race condition.

CVE-2021-0402

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0403

There is a possible information disclosure due to a missing permission check.

CVE-2021-0405

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0406

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0354

There is a possible out of bounds write due to an integer overflow.

CVE-2021-0356

There is a possible command injection due to improper input validation.

CVE-2021-0357

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0358

There is a possible command injection due to improper input validation.

CVE-2021-0359

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0360

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0361

There is a possible out of bounds read due to improper input validation.

CVE-2021-0362

There is a possible memory corruption due to a stack buffer overflow.

CVE-2021-0365

There is a possible memory corruption due to a use after free.

CVE-2021-0301

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0343

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0344

There is a possible memory corruption due to a missing bounds check.

CVE-2021-0345

There is a possible escalation of privilege due to improper input validation.

CVE-2021-0346

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0347

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0348

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0349

There is a possible memory corruption due to a use after free.

CVE-2021-0350

There is a possible system crash due to an improper input validation.

Haikuo Xie of Singular Security Lab CVE-2021-0578

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0579

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0580

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0581

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0582

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0630

There is a possible system crash due to a missing bounds check.

CVE-2021-0631

There is a possible system crash due to a missing bounds check.

CVE-2021-0632

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0351

There is a possible system crash due to a missing bounds check.

Omri Ben Bassat and Tamir Ariel of Section 52 at Azure Defender for IoT of Microsoft Corp CVE-2021-30636

There is a possible memory corruption due to a heap-based buffer overflow.

Lewei Qu and Dongxiang Ke of Baidu AIoT Security Team CVE-2021-31573

There is a possible command injection due to improper input validation. 

CVE-2021-31574

There is a possible command injection due to improper input validation.

CVE-2021-31575

There is a possible command injection due to improper input validation.

CVE-2021-31576

There is a possible information disclosure due to a missing permission check.

CVE-2021-31577

There is a possible escalation of privilege due to a missing permission check.

CVE-2021-31578

There is a possible escalation of privilege due to a stack buffer overflow.

CVE-2021-0404

There is a possible information disclosure due to improper input validation.

CVE-2021-0353

There is a possible memory corruption due to a heap buffer overflow.

CVE-2021-0355

There is a possible out of bounds write due to an integer overflow.

CVE-2021-0363

There is a possible command injection due to a missing bounds check.

CVE-2021-0364

There is a possible command injection due to improper input validation.

QQQ of OPPO Amber Security Lab CVE-2021-0352

There is a possible memory corruption due to type confusion.

2020

Researchers CVEs Technical Details
Le Wu (吴乐) of Baidu Security CVE-2020-0455

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0456

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0457

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-14948

There is a possible memory corruption due to a use after free.

CVE-2020-14216

There is a possible memory corruption due to a use after free.

CVE-2020-14949

There is a possible system crash due to a missing bounds check.

CVE-2020-0254

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2020-0251

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2020-0253

There is a possible memory corruption due to a use after free.

CVE-2020-0252

There is a possible memory corruption due to a use after free.

CVE-2020-0260

There is a possible out of bounds read due to an incorrect bounds check.

XUEN LI (@lxe524) and Le Wu (吴乐) of Baidu Security CVE-2020-0446

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0445

There is a possible out of bounds write due to a missing bounds check.

Sergei Volokitin of Riscure CVE-2020-0283

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0371

There is a possible out of bounds read due to a missing bounds check.

CVE-2020-0367

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0339

There is a possible out of bounds read due to a missing bounds check.

CVE-2020-0376

There is a possible out of bounds read due to a missing bounds check.

Manish Patel of Green Hills Software CVE-2020-0342

There is a possible out of bounds write due to an incorrect bounds check.

Ian Thompson of Green Hills Software CVE-2020-0278

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2020-0231

There is a possible out of bounds write due to an incorrect bounds check.