CVE-2023-20698 | MediaTek MT8797 keyinstall out-of-bounds (ALPS07589144 / EUVD-2023-24877)
A vulnerability classified as problematic was found in MediaTek MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T and MT8797. Affected is an unknown function of the component keyinstall. Executing manipulation can lead to out-of-bounds read.
This vulnerability is handled as CVE-2023-20698. It is possible to launch the attack on the local host. There is not any exploit available.
Applying a patch is advised to resolve this issue.