CVE-2024-20153

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-20153

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-20153.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-20153

Published

2025-01-06T04:15:07.647Z

Modified

2026-02-13T02:35:42.191304Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.

References

https://corp.mediatek.com/product-security-bulletin/January-2025

Affected packages

Git / github.com/yoctoproject/poky

Affected ranges

Type: GIT
Repo: https://github.com/yoctoproject/poky
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e1839b58ebe05242a52fe050aa9a08140136aa0a

Affected versions

1.*

1.1_M1.rc1

1.1_M2.rc1

1.1_M2.rc2

1.1_M3.rc2

1.1_M4.rc2+

1.1_M4.rc3

1.2_M2

1.2_M2.final

1.2_M2.rc1

1.2_M3

1.2_M3.final

1.2_M3.rc1

1.2_M4.rc1

1.2_M4.rc2

1.2_M4.rc3

1.2_M4.rc3.1

1.2_M4.rc3.2

1.2_M4.rc4

1.3_M1

1.3_M1.final

1.3_M1.rc1

1.3_M2.rc1

1.3_M3

1.3_M3.final

1.3_M3.rc2

1.3_M4.rc1

1.3_M5.rc1

1.3_M5.rc2

1.4_M1

1.4_M1.final

1.4_M1.rc1

1.4_M3.rc1

1.4_M4

1.4_M4.final

1.4_M4.rc1

1.4_M5

1.4_M5.final

1.4_M5.rc1

1.4_M5.rc2

1.4_M5.rc3

1.5_M1.final

1.5_M1.rc1

1.5_M2.rc1

1.5_M3

1.5_M3.final

1.5_M3.rc1

1.5_M4

1.5_M4.final

1.5_M4.rc1

1.5_M4.rc2

1.5_M4.rc3

1.5_M5.rc1

1.5_M5.rc2

1.5_M5.rc3

1.5_M5.rc4

1.5_M5.rc5

1.5_M5.rc6

1.5_M5.rc7

1.5_M5.rc8

1.6_M1

1.6_M1.final

1.6_M1.rc1

1.6_M2

1.6_M3

1.6_M3.final

1.6_M4

1.7_M1

1.7_M2

1.7_M3

1.8_M1

1.8_M2

1.8_M3

1.9_M2

2.*

2.1_M1

2.2_M1

2.2_M2

2.2_M3

2.3_M1

2.3_M2

2.3_M3

2.4_M1

2.4_M2

2.4_M3

2.5_M1

2.5_M2

2.5_M3

2.6_M1

2.6_M2

2.6_M3

2.7_M1

2.7_M2

2.7_M3

2.8_M1

2.8_M2

2.8_M3

3.*

3.1_M1

3.1_M2

3.1_M3

3.2_M1

3.2_M2

3.2_M3

3.3_M1

3.3_M2

3.3_M3

bernard-5.*

bernard-5.0-alpha

dora-10.*

dora-10.0.0

dora-10.0.0.final

dunfell-23.*

dunfell-23.0.0

gatesgarth-24.*

gatesgarth-24.0.0

hardknott-3.*

hardknott-3.3

jethro-14.*

jethro-14.0.0

krogoth-15.*

krogoth-15.0.0

poky-10.*

poky-10.0.0.final

pyro-17.*

pyro-17.0.0

rocko-18.*

rocko-18.0.0

sumo-19.*

sumo-19.0.0

thud-20.*

thud-20.0.0

uninative-1.*

uninative-1.0

uninative-1.3

uninative-1.4

uninative-1.5

uninative-1.6

uninative-1.7

uninative-1.8

uninative-1.9

uninative-2.*

uninative-2.0

uninative-2.1

uninative-2.10

uninative-2.11

uninative-2.2

uninative-2.3

uninative-2.4

uninative-2.5

uninative-2.6

uninative-2.7

uninative-2.8

uninative-2.9

uninative-3.*

uninative-3.0

yocto-1.*

yocto-1.5

yocto-1.5.final

yocto-1.5_M5.rc2

yocto-1.9_M1

yocto-2.*

yocto-2.0

yocto-2.1

yocto-2.3

yocto-2.4

yocto-2.5

yocto-2.6

yocto-3.*

yocto-3.0

yocto-3.1

yocto-3.2

yocto-3.3

zeus-22.*

zeus-22.0.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-20153.json"