How severe is CVE-2023-20737?

CVE-2023-20737 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2023-20737

6.7MEDIUM

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploit

公開日: 6/6/2023更新日: 1/7/2025

説明

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167.

AI分析AIによる分析

影響を受ける製品

linuxfoundationiot-yocto

22.2

linuxfoundationyocto

4.0

googleandroid

12.0

googleandroid

13.0

mediatekmt6768

mediatekmt6769

mediatekmt6779

mediatekmt6781

mediatekmt6785

mediatekmt6789

mediatekmt6833

mediatekmt6853

mediatekmt6853t

mediatekmt6873

mediatekmt6875

mediatekmt6877

mediatekmt6883

mediatekmt6885

mediatekmt6889

mediatekmt6891

mediatekmt6893

mediatekmt8168

mediatekmt8365

mediatekmt8395

参照

https://corp.mediatek.com/product-security-bulletin/June-2023
Vendor Advisory
https://corp.mediatek.com/product-security-bulletin/June-2023
Vendor Advisory