CVE-2021-0422

Description

In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381071.

References

Link	Tags
https://corp.mediatek.com/product-security-bulletin/September-2021	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2021-0422?: CVE-2021-0422 has been scored as a medium severity vulnerability.
How to fix CVE-2021-0422?: To fix CVE-2021-0422, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-0422 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-0422 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-0422?: CVE-2021-0422 affects n/a MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893.

Description

Category

CWE-770 – Allocation of Resources Without Limits or Throttling

References

Frequently Asked Questions