CVE-2024-20019

EUVD-2024-17734
In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
mediateksoftware_package
𝑥
≤ 2023.11.10
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
mediatekmt7927
𝑥
< 2023.11.10
ADP
mediatekmt7925
-0 ≤
𝑥
< 2023.11.10
ADP
Common Weakness Enumeration
References
https://corp.mediatek.com/product-security-bulletin/March-2024
https://corp.mediatek.com/product-security-bulletin/March-2024