Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.2
PCIe: Missing Bounds Check Triggers Local Privilege Escalation
CVE-2026-20416
Summary
A bug in PCIe software can allow an attacker who already has some system privileges to gain even more privileges. This can happen without any user interaction. Businesses should update their PCIe software to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | 15.0 | – | |
| android | 16.0 | – |
Original title
In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User...
Original description
In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315038 / ALPS10340155; Issue ID: MSV-5155.
nvd CVSS3.1
7.2
Vulnerability type
CWE-787
Out-of-bounds Write
- https://corp.mediatek.com/product-security-bulletin/March-2026 Vendor Advisory
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026