CVE-2024-20102

MEDIUM Year: 2024
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601.

Related Vulnerabilities

CVE-2018-17206

MEDIUM
CVSS:4.9(Medium)

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.

CWE-1252018

CVE-2019-9431

MEDIUM
CVSS:4.9(Medium)

In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with heap information written to the log with System execution privileges...

CWE-1252019

CVE-2019-9434

MEDIUM
CVSS:4.9(Medium)

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution priv...

CWE-1252019

CVE-2020-0157

MEDIUM
CVSS:4.9(Medium)

In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure via compromised device firmware with Sy...

CWE-1252020

CVE-2020-0348

MEDIUM
CVSS:4.9(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with System execution privileges needed. User interaction is not...

CWE-1252020

CVE-2021-0660

MEDIUM
CVSS:4.9(Medium)

In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for ex...

CWE-1252021