The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek smartphone chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least a month before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).


Summary

Severity CVEs
High CVE-2021-0681, CVE-2021-0680
Medium CVE-2021-0421, CVE-2021-0422, CVE-2021-0423, CVE-2021-0424, CVE-2021-0425, CVE-2021-0610, CVE-2021-0611, CVE-2021-0612, CVE-2021-0660, CVE-2021-32484, CVE-2021-32485, CVE-2021-32486, CVE-2021-32487


Details

CVE CVE-2021-0681
Title Exposure of sensitive information to an unauthorized actor in system properties
Severity High
Vulnerability Type ID
CWE CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Description In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0680
Title Exposure of sensitive information to an unauthorized actor in system properties
Severity High
Vulnerability Type ID
CWE CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Description In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6735, MT6739, MT6750S, MT6755S, MT6757CD, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785
Affected Software Versions Android 8.1, 9.0, 10.0

CVE CVE-2021-0421
Title Out-of-bounds read in memory management driver
Severity Medium
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0422
Title Denial of service in memory management driver
Severity Medium
Vulnerability Type DoS
CWE CWE-400 Denial of Service
Description In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0423
Title Information disclosure in memory management driver
Severity Medium
Vulnerability Type ID
CWE CWE-200 Information Disclosure
Description In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0424
Title Denial of service in memory management driver
Severity Medium
Vulnerability Type DoS
CWE CWE-400 Denial of Service
Description In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0425
Title Information disclosure in memory management driver
Severity Medium
Vulnerability Type ID
CWE CWE-200 Information Disclosure
Description In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0610
Title Integer overflow or wraparound in memory management driver
Severity Medium
Vulnerability Type EoP
CWE CWE-190 Integer Overflow or Wraparound
Description In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0611
Title Use after free in m4u
Severity Medium
Vulnerability Type EoP
CWE CWE-416 Use After Free
Description In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0612
Title Use after free in m4u
Severity Medium
Vulnerability Type EoP
CWE CWE-416 Use After Free
Description In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0660
Title Improper check or handling of exceptional conditions in ccu
Severity Medium
Vulnerability Type ID
CWE CWE-703 Improper Check or Handling of Exceptional Conditions
Description In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6779, MT6853, MT6873, MT6885
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-32484
Title Heap-based buffer overflow in Modem 2G RRM
Severity Medium
Vulnerability Type DoS
CWE CWE-122 Heap-based Buffer Overflow
Description In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6785T, MT6785, MT6783, MT6779, MT6768, MT6769, MT6769T, MT6769Z, MT6767, MT6761, MT6765T, MT6765, MT6762M, MT6762, MT6762D, MT6771, MT6739, MT6763
Affected Software Versions Modem LR12A, LR13

CVE CVE-2021-32485
Title Heap-based buffer overflow in Modem 2G RRM
Severity Medium
Vulnerability Type DoS
CWE CWE-122 Heap-based Buffer Overflow
Description In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6785T, MT6785, MT6783, MT6779, MT6768, MT6769, MT6769T, MT6769Z, MT6767, MT6761, MT6765T, MT6765, MT6762M, MT6762, MT6762D, MT6771, MT6739, MT6763
Affected Software Versions Modem LR12A, LR13

CVE CVE-2021-32486
Title Heap-based buffer overflow in Modem 2G RRM
Severity Medium
Vulnerability Type DoS
CWE CWE-122 Heap-based Buffer Overflow
Description In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6785T, MT6785, MT6783, MT6779, MT6768, MT6769, MT6769T, MT6769Z, MT6767, MT6761, MT6765T, MT6765, MT6762M, MT6762, MT6762D, MT6771, MT6739, MT6763
Affected Software Versions Modem LR12A, LR13

CVE CVE-2021-32487
Title Heap-based buffer overflow in Modem 2G RRM
Severity Medium
Vulnerability Type DoS
CWE CWE-122 Heap-based Buffer Overflow
Description In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6785T, MT6785, MT6783, MT6779, MT6768, MT6769, MT6769T, MT6769Z, MT6767, MT6761, MT6765T, MT6765, MT6762M, MT6762, MT6762D, MT6771, MT6739, MT6763
Affected Software Versions Modem LR12A, LR13


Vulnerability Type Definition

Abbreviation Definition
RCE Remote Code Execution
EoP Elevation of Privilege
ID Information Disclosure
DoS Denial of Service
N/A Classification not available


Versions

Version Date Description
1.0 September 1, 2021 Bulletin published.


Notes

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.