Nov. 28, 2023, midnight |

Taszk Labs on taszk.io labs labs.taszk.io

We have identified a new out-of-bounds read vulnerability in MediaTek's Linux kernel driver implementation of the cellular-to-application processor communication interface (CCCI). The vulnerability can be exploited by a malicious (compromised) baseband runtime to leak information from the kernel runtime and break the kernel's entropy-based mitigations, such as KASLR and stack smashing protection.
The vulnerability we are disclosing in this advisory affected a wide range of MediaTek devices, including phones on the newest chipsets (Dimensity 700, 1000, etc.). The July 2022 issue …
