Three the of vulnerabilities, tracked as CVE-2021-0661, CVE-2021-0662 and CVE-2021-0663, affected MediaTek’s audio digital signal processor (DSP) firmware. It’s a sensitive component that if compromised could allow attackers to spy on user conversations. . Researchers at Check Point found and reported the flaws to MediaTek, which disclosed and fixed them in October.
Link: This chip flaw could have let malicious apps eavesdrop on Android phone users
via http://www.zdnet.com