August 2021 Product Security Bulletin

Published 2021-08-05
The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek smartphone chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least a month before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).


Summary

Severity CVEs
High CVE-2021-0573, CVE-2021-0574, CVE-2021-0576, CVE-2021-0578, CVE-2021-0579, CVE-2021-0580, CVE-2021-0581, CVE-2021-0582
Medium CVE-2021-0407, CVE-2021-0408, CVE-2021-0415, CVE-2021-0416, CVE-2021-0417, CVE-2021-0418, CVE-2021-0419, CVE-2021-0420, CVE-2021-0626, CVE-2021-0627, CVE-2021-0628


Details

CVE CVE-2021-0573
Title Improper check or handling of exceptional conditions in asf extractor
Severity High
Vulnerability Type EoP
CWE CWE-703 Improper Check or Handling of Exceptional Conditions
Description In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0574
Title Out-of-bounds write in asf extractor
Severity High
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0576
Title Heap overflow in flv extractor
Severity High
Vulnerability Type EoP
CWE CWE-122 Heap Overflow
Description In flv extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0578
Title Out-of-bounds read in wifi driver
Severity High
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6762, MT6765, MT6768, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0579
Title Buffer over-read in wifi driver
Severity High
Vulnerability Type ID
CWE CWE-126 Buffer Over-read
Description In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6762, MT6765, MT6768, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0580
Title Integer underflow in wifi driver
Severity High
Vulnerability Type ID
CWE CWE-191 Integer Underflow
Description In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6762, MT6765, MT6768, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0581
Title Out-of-bounds read in wifi driver
Severity High
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6762, MT6765, MT6768, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0582
Title Out-of-bounds read in wifi driver
Severity High
Vulnerability Type ID
CWE CWE-125 Out-of-bounds Read
Description In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6761, MT6762, MT6765, MT6768, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 8.1, 9.0, 10.0, 11.0

CVE CVE-2021-0407
Title Write-what-where condition in clk driver
Severity Medium
Vulnerability Type EoP
CWE CWE-123 Write-what-where Condition
Description In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6833, MT6853, MT6853T, MT6873, MT6885, MT6889, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0408
Title Improper check or handling of exceptional conditions in asf extractor
Severity Medium
Vulnerability Type ID
CWE CWE-703 Improper Check or Handling of Exceptional Conditions
Description In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0415
Title Information disclosure in memory management driver
Severity Medium
Vulnerability Type ID
CWE CWE-200 Information Disclosure
Description In memory management driver, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0416
Title Improper input validation in memory management driver
Severity Medium
Vulnerability Type ID
CWE CWE-20 Improper Input Validation
Description In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0417
Title Use of insufficiently random values in memory management driver
Severity Medium
Vulnerability Type ID
CWE CWE-330 Use of Insufficiently Random Values
Description In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0418
Title Denial of service in memory management driver
Severity Medium
Vulnerability Type DoS
CWE CWE-400 Denial of Service
Description In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0419
Title Denial of service in memory management driver
Severity Medium
Vulnerability Type DoS
CWE CWE-400 Denial of Service
Description In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0420
Title Denial of service in memory management driver
Severity Medium
Vulnerability Type DoS
CWE CWE-400 Denial of Service
Description In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0626
Title Out-of-bounds write in ged
Severity Medium
Vulnerability Type EoP
CWE CWE-787 Out-of-bounds Write
Description In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6768, MT6771, MT6779, MT6785
Affected Software Versions Android 9.0, 10.0, 11.0

CVE CVE-2021-0627
Title Integer overflow or wraparound in OMA DRM
Severity Medium
Vulnerability Type EoP
CWE CWE-190 Integer Overflow or Wraparound
Description In OMA DRM, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6735, MT6739, MT6755S, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885
Affected Software Versions Android 10.0, 11.0

CVE CVE-2021-0628
Title Improper input validation in OMA DRM
Severity Medium
Vulnerability Type EoP
CWE CWE-20 Improper Input Validation
Description In OMA DRM, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets MT6580, MT6735, MT6739, MT6755S, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885
Affected Software Versions Android 10.0, 11.0


Vulnerability Type Definition

Abbreviation Definition
RCE Remote Code Execution
EoP Elevation of Privilege
ID Information Disclosure
DoS Denial of Service
N/A Classification not available


Versions

Version Date Description
1.0 August 5, 2021 Bulletin published.


Notes

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.