HIGH🇬🇧 English

CVE-2017-17173

CVSS 7.8v3.0pub. 2018-06-14upd. 2024-11-21

Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory resource. Successful exploit may result in phone crash or arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Huawei Mate 9 Pro

    HW
    Huawei
    wszystkie wersje
  • Huawei Mate 9 Pro Fimware

    OS
    Huawei
    < lon-al00b_8.0.0.356\(c00\)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2017-17320HIGH7.8ten sam produkt

Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a me...

CVE-2017-17225HIGH8.8ten sam produkt

The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile phones with the versions before LON-AL00...

CVE-2017-17324HIGH7.8ten sam produkt

Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulne...

CVE-2017-15311HIGH8.8ten sam produkt

The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-...

CVE-2017-15316HIGH7.8ten sam produkt

The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huaw...