CVE-2024-20012

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-843
View all →

Vulnerability Description

In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566.

Related Vulnerabilities

CVE-2022-26433

MEDIUM
CVSS:6.7(Medium)

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...

CWE-8432022

CVE-2023-20616

MEDIUM
CVSS:6.7(Medium)

In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for explo...

CWE-8432023

CVE-2023-20673

MEDIUM
CVSS:6.7(Medium)

In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi...

CWE-8432023

CVE-2023-20768

MEDIUM
CVSS:6.7(Medium)

In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for explo...

CWE-8432023

CVE-2023-21056

MEDIUM
CVSS:6.7(Medium)

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. Use...

CWE-8432023

CVE-2023-32818

MEDIUM
CVSS:6.7(Medium)

In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp...

CWE-8432023