Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20443

Summary
Assigner-MediaTek
Assigner Org ID-ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At-02 Mar, 2026 | 08:39
Updated At-03 Mar, 2026 | 04:55
Rejected At-
Credits

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:MediaTek
Assigner Org ID:ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At:02 Mar, 2026 | 08:39
Updated At:03 Mar, 2026 | 04:55
Rejected At:
â–¼CVE Numbering Authority (CNA)

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.

Affected Products
Vendor
MediaTek Inc.MediaTek, Inc.
Product
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT6993, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
Versions
Affected
  • Android 14.0, 15.0, 16.0
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://corp.mediatek.com/product-security-bulletin/March-2026
N/A
Hyperlink: https://corp.mediatek.com/product-security-bulletin/March-2026
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mediatek.com
Published At:02 Mar, 2026 | 09:16
Updated At:03 Mar, 2026 | 13:00

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Google LLC
google
>>android>>14.0
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
Google LLC
google
>>android>>15.0
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
Google LLC
google
>>android>>16.0
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6739>>-
cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6761>>-
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6765>>-
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6768>>-
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6781>>-
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6789>>-
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6833>>-
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6835>>-
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6853>>-
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6855>>-
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6877>>-
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6878>>-
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6879>>-
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6883>>-
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6885>>-
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6886>>-
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6889>>-
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6893>>-
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6895>>-
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6897>>-
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6899>>-
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6983>>-
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6985>>-
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6989>>-
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6991>>-
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6993>>-
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8186>>-
cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8188>>-
cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8196>>-
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8667>>-
cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8673>>-
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8676>>-
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8678>>-
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8765>>-
cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8766>>-
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8768>>-
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8771>>-
cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8781>>-
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8791t>>-
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8792>>-
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8793>>-
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8795t>>-
cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8796>>-
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8798>>-
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8873>>-
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt8883>>-
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Secondarysecurity@mediatek.com
CWE ID: CWE-416
Type: Secondary
Source: security@mediatek.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://corp.mediatek.com/product-security-bulletin/March-2026security@mediatek.com
Vendor Advisory
Hyperlink: https://corp.mediatek.com/product-security-bulletin/March-2026
Source: security@mediatek.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2087Records found
CVE-2026-0027
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-Not Assigned
Published-02 Mar, 2026 | 18:42
Updated-03 Mar, 2026 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2025-20787
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt6789mt6739mt8676androidmt6879mt6761mt6855mt6989mt6991mt8796mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt2718mt6853mt8196mt6889mt6877mt6883mt6885mt6983mt6878mt6768mt6781MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8796
CWE ID-CWE-416
Use After Free
CVE-2025-20804
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10198951; Issue ID: MSV-4503.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6899androidmt6991MT6899, MT6991
CWE ID-CWE-416
Use After Free
CVE-2025-20802
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10238968; Issue ID: MSV-4914.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8196mt8367androidmt8793mt6991mt8786mt8781MT6991, MT8196, MT8367, MT8781, MT8786, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20806
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6899androidmt8793mt6991MT6899, MT6991, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20786
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20775
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.45%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20785
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20773
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.45%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4797.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765androidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt6983mt8792mt8793mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2718mt6853mt6889mt6883mt6885mt6781MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20707
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.31%
||
7 Day CHG~0.00%
Published-01 Sep, 2025 | 05:12
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09924201; Issue ID: MSV-3820.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8792mt6991mt8791tmt2718mt8196mt8676mt8775mt6853mt8678mt8796mt6877mt6893mt8883mt8788emt8893androidmt8786mt6899MT2718, MT6853, MT6877, MT6893, MT6899, MT6991, MT8196, MT8676, MT8678, MT8775, MT8786, MT8788E, MT8791T, MT8792, MT8796, MT8883, MT8893
CWE ID-CWE-416
Use After Free
CVE-2021-39638
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.92%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195607566References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-39656
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.90%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049066References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2020-0429
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.86%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 18:42
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-48414
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.01%
||
7 Day CHG~0.00%
Published-08 Dec, 2023 | 15:44
Updated-02 Aug, 2024 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2019-9442
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.65%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:47
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in the mnh driver there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System privileges required. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9259
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.54%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9273
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.90%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:45
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2019-9275
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 24.82%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:46
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in the mnh driver there is a use after free due to improper locking. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2023-42722
Matching Score-10
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-10
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.41%
||
7 Day CHG-0.01%
Published-04 Dec, 2023 | 00:54
Updated-02 Aug, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
CWE ID-CWE-416
Use After Free
CVE-2023-35693
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.27%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 23:56
Updated-01 Nov, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2023-35660
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.94%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 19:24
Updated-18 Sep, 2024 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-0629
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.54%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:56
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt9638mt9980mt6873mt6893mt6885mt9981mt9669mt9650mt8195mt6891mt6883mt9636mt9970androidmt9652mt6875mt8797mt6889mt9686mt9639mt8791MT6873, MT6875, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981
CWE ID-CWE-416
Use After Free
CVE-2021-0935
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.37%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:20
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0669
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ALPS05681550.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt9638mt9980mt6873mt6893mt6885mt9981mt9669mt9650mt6877mt8195mt6891mt6883mt6853mt9636mt6853tmt9970androidmt9652mt6875mt8797mt6889mt9686mt9639mt8791MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981
CWE ID-CWE-416
Use After Free
CVE-2021-0899
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.87%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672059.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CVE-2021-0535
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.92%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 11:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wpas_ctrl_msg_queue_timeout of ctrl_iface_unix.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168314741

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-0893
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.87%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687474.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CVE-2021-0365
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.41%
||
7 Day CHG-0.00%
Published-02 Feb, 2021 | 23:00
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05454782.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-0667
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.87%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05670581; Issue ID: ALPS05670581.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt9638mt9980mt6873mt6893mt6885mt9981mt9669mt9650mt6877mt6891mt6883mt9636mt9970androidmt9652mt6875mt6889mt9686mt9639MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981
CWE ID-CWE-416
Use After Free
CVE-2021-0664
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.92%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:57
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6771mt8385mt6833mt6885mt8788mt6877mt8183mt6765mt6853mt8768androidmt6889mt6768mt6779mt6785MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6889, MT8183, MT8385, MT8768, MT8788
CWE ID-CWE-416
Use After Free
CVE-2021-0670
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05654663; Issue ID: ALPS05654663.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6853tmt6893mt6891androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6853mt6883MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CVE-2021-0898
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.87%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672071.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CVE-2021-0342
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.79%
||
7 Day CHG~0.00%
Published-11 Jan, 2021 | 20:28
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Android ID: A-146554327.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-0941
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.92%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:20
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154177719References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0656
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.92%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:57
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In edma driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05709376; Issue ID: ALPS05709376.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6853tmt6893androidmt6885mt8797mt6889mt8791mt6877mt8195mt6853mt6883MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CVE-2023-21038
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224000736References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20744
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.53%
||
7 Day CHG-0.01%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519200.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855iot-yoctomt8786mt6789androidmt8789mt8395mt8797mt8185mt8791yoctomt8365mt8781mt8195MT6789, MT6855, MT8185, MT8195, MT8365, MT8395, MT8781, MT8786, MT8789, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CVE-2023-20664
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG-0.01%
Published-06 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8788mt6853mt8871mt6895mt6983mt8185mt8786mt6889mt6873mt6737mt8766mt8765mt6833mt6739mt8891mt6765mt8385mt6883mt6753mt6789mt8771mt6785mt6735mt6877mt6855mt8781mt6771mt6580mt8168mt6853tmt8795tmt8188mt8321mt8789mt6779mt6885mt8666mt6768mt6781mt6879mt6893mt8362amt8768mt8675mt8791mt8791tandroidmt8797mt8696mt8798mt6761mt8673mt8365MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8185, MT8188, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891
CWE ID-CWE-416
Use After Free
CVE-2023-21043
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.82%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239872581References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2023-21020
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-24 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256591441

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2023-21018
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233338564

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2023-21042
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.82%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-19 Feb, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239873326References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2022-42520
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.87%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2018-9439
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.27%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 23:37
Updated-19 Dec, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-416
Use After Free
CVE-2025-20772
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.45%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765androidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt6983mt8792mt8793mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2718mt6853mt6889mt6883mt6885mt6781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20805
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114696; Issue ID: MSV-4480.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6899androidmt8793mt6991MT6899, MT6991, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-36922
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.61%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 19:35
Updated-26 Feb, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In bigo_map of bigo_iommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2022-32607
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.92%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-02 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8765mt6853tmt6879mt6761mt8666mt6889androidmt6762mt8167smt8675mt6739mt8696mt8891mt6891mt6877mt6875mt8791mt8788mt8385mt6765mt6883mt8795tmt6781mt6893mt6833mt6768mt6895mt6580mt8768mt8786mt6853mt6873mt6983mt8791tmt6779mt8797mt6785mt6769mt6885mt6771mt8365mt8167mt8362amt8168mt8175mt8766mt6789mt8173mt8871MT6580, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8696, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8791T, MT8795T, MT8797, MT8871, MT8891
CWE ID-CWE-416
Use After Free
CVE-2026-20414
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.00% / 0.08%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:15
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-androidmt8766mt8678mt8786mt8768mt6989mt8196mt8796mt6897MT6897, MT6989, MT8196, MT8678, MT8766, MT8768, MT8786, MT8796
CWE ID-CWE-416
Use After Free
CVE-2021-0349
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.17%
||
7 Day CHG-0.00%
Published-04 Feb, 2021 | 17:10
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05362646.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 41
  • 42
  • Next
Details not found