Product Security Acknowledgements

Product Security Acknowledgements

The MediaTek Security Team would like to thank the following people and parties for making a responsible disclosure to us and helping to improve MediaTek security.

2021

Researchers CVEs Technical Details
Omri Ben Bassat and Tamir Ariel of Section 52 at Azure Defender for IoT of Microsoft Corp CVE-2021-30636

There is a possible memory corruption due to a heap-based buffer overflow.

Le Wu (吴乐) of Baidu Security CVE-2021-0407

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0366

There is a possible memory corruption due to a race condition.

CVE-2021-0367

There is a possible memory corruption due to a race condition.

CVE-2021-0401

There is a possible memory corruption due to a race condition.

CVE-2021-0402

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0403

There is a possible information disclosure due to a missing permission check.

CVE-2021-0405

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0406

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0354

There is a possible out of bounds write due to an integer overflow.

CVE-2021-0356

There is a possible command injection due to improper input validation.

CVE-2021-0357

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0358

There is a possible command injection due to improper input validation.

CVE-2021-0359

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0360

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0361

There is a possible out of bounds read due to improper input validation.

CVE-2021-0362

There is a possible memory corruption due to a stack buffer overflow.

CVE-2021-0365

There is a possible memory corruption due to a use after free.

CVE-2021-0301

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0343

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0344

There is a possible memory corruption due to a missing bounds check.

CVE-2021-0345

There is a possible escalation of privilege due to improper input validation.

CVE-2021-0346

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2021-0347

There is a possible out of bounds read due to a missing bounds check.

CVE-2021-0348

There is a possible out of bounds write due to a missing bounds check.

CVE-2021-0349

There is a possible memory corruption due to a use after free.

CVE-2021-0350

There is a possible system crash due to an improper input validation.

Lewei Qu and Dongxiang Ke of Baidu AIoT Security Team CVE-2021-0404

There is a possible information disclosure due to improper input validation.

CVE-2021-0353

There is a possible memory corruption due to a heap buffer overflow.

CVE-2021-0355

There is a possible out of bounds write due to an integer overflow.

CVE-2021-0363

There is a possible command injection due to a missing bounds check.

CVE-2021-0364

There is a possible command injection due to improper input validation.

QQQ of OPPO Amber Security Lab CVE-2021-0352

There is a possible memory corruption due to type confusion.

Haikuo Xie of Singular Security Lab CVE-2021-0351

There is a possible system crash due to a missing bounds check.

2020

Researchers CVEs Technical Details
Le Wu (吴乐) of Baidu Security CVE-2020-0455

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0456

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0457

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-14948

There is a possible memory corruption due to a use after free.

CVE-2020-14216

There is a possible memory corruption due to a use after free.

CVE-2020-14949

There is a possible system crash due to a missing bounds check.

CVE-2020-0254

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2020-0251

There is a possible out of bounds read due to an incorrect bounds check.

CVE-2020-0253

There is a possible memory corruption due to a use after free.

CVE-2020-0252

There is a possible memory corruption due to a use after free.

CVE-2020-0260

There is a possible out of bounds read due to an incorrect bounds check.

XUEN LI (@lxe524) and Le Wu (吴乐) of Baidu Security CVE-2020-0446

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0445

There is a possible out of bounds write due to a missing bounds check.

Sergei Volokitin of Riscure CVE-2020-0283

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0371

There is a possible out of bounds read due to a missing bounds check.

CVE-2020-0367

There is a possible out of bounds write due to a missing bounds check.

CVE-2020-0339

There is a possible out of bounds read due to a missing bounds check.

CVE-2020-0376

There is a possible out of bounds read due to a missing bounds check.

Manish Patel of Green Hills Software CVE-2020-0342

There is a possible out of bounds write due to an incorrect bounds check.

Ian Thompson of Green Hills Software CVE-2020-0278

There is a possible out of bounds write due to an incorrect bounds check.

CVE-2020-0231

There is a possible out of bounds write due to an incorrect bounds check.