CVE-2026-20437
Received
Received - Intake
Use-After-Free in MAE Causes Local System Crash Denial of Service
Publication date: 2026-03-02
Last updated on: 2026-03-03
Assigner: MediaTek, Inc.
Description
Description
In MAE, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431940; Issue ID: MSV-5843.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | 15.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in MAE and involves a use after free issue that can cause the system to crash.
Exploitation does not require user interaction but does require that the attacker already has System privilege.
How can this vulnerability impact me? :
The primary impact of this vulnerability is a local denial of service, where the system may crash due to the use after free condition.
Since exploitation requires System privilege, the attacker must already have high-level access to cause this impact.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70