{
  "id": "CVE-2024-20007",
  "sourceIdentifier": "security@mediatek.com",
  "published": "2024-02-05T06:15:47.283",
  "lastModified": "2024-02-05T13:54:33.663",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369."
    },
    {
      "lang": "es",
      "value": "En el decodificador de mp3, existe una posible escritura fuera de los l\u00edmites debido a una condici\u00f3n de ejecuci\u00f3n. Esto podr\u00eda conducir a una escalada remota de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS08441369; ID del problema: ALPS08441369."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2024",
      "source": "security@mediatek.com"
    }
  ]
}