CVE-2025-20722

Medium CVSS: 5.5

In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798.

Vendor

Rdkcentral

Product

Rdk-b

CWE

CWE-190

Yayın Tarihi

2025-10-14 10:15:37

Güncelleme

2025-10-15 18:45:07

Source Identifier

security@mediatek.com

KEV Date Added

Kategoriler

CWE-190 Rdk-b MEDIUM Rdkcentral 2025

Referanslar

https://corp.mediatek.com/product-security-bulletin/October-2025