CVE-2023-20608 Vulnerability Details 
                
					
						
						   
					    /   
					
					
						
						   
					    /   
					
					
						
						   
					    /   
					
					
						
						   
					 
					
					
CVE-2023-20608 Metadata Quick Info 
					CVE Published: 06/02/2023  | 
					
CVE Updated: 02/08/2024  | 
					
CVE Year: 2023  
					
					Source:  MediaTek  | 
					
Vendor:  MediaTek, Inc.  | 
					
Product: MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8675  
					
					
					Status : PUBLISHED  
					
 
					CVE-2023-20608 Description 
					 
					In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363599; Issue ID: ALPS07363599.					
					
					
Metrics 
					CVSS Version: 3.1  | 
					
Base Score: n/a  
					Vector: n/a  
					
					l➤ Exploitability Metrics:      Attack Vector (AV)*        Attack Complexity (AC)*        Privileges Required (PR)*        User Interaction (UI)*        Scope (S)*   l➤ Impact Metrics:      Confidentiality Impact (C)*        Integrity Impact (I)*        Availability Impact (A)*   Weakness Enumeration (CWE) 
					CWE-ID:   CWE Name: Elevation of Privilege  Source: MediaTek, Inc.  Common Attack Pattern Enumeration and Classification (CAPEC) 
					CAPEC-ID:   CAPEC Description:   
						Source: NVD (National Vulnerability Database).