There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
oryginał ENCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HHuawei Alp Al00b
HWHuaweiwszystkie wersjeHuawei Alp Al00b Firmware
OSHuawei< 9.1.0.333\(c00e333r2p1t8\)Huawei Alp L09
HWHuaweiwszystkie wersjeHuawei Alp L09 Firmware
OSHuawei< 9.1.0.300\(c432e4r1p9t8\)Huawei Alp L29
HWHuaweiwszystkie wersjeHuawei Alp L29 Firmware
OSHuawei< 9.1.0.315\(c636e5r1p13t8\)Huawei Berkeley Al20
HWHuaweiwszystkie wersjeHuawei Berkeley Al20 Firmware
OSHuawei< 9.1.0.333\(c00e333r2p1t8\)Huawei Berkeley L09
HWHuaweiwszystkie wersjeHuawei Berkeley L09 Firmware
OSHuawei< 9.1.0.350\(c636e4r1p13t8\)< 9.1.0.351\(c432e5r1p13t8\)< 9.1.0.350\(c10e3r1p14t8\)Huawei Bla L29c
HWHuaweiwszystkie wersjeHuawei Bla L29c Firmware
OSHuawei< 9.1.0.302\(c635e4r1p13t8\)< 9.1.0.330\(c432e6r1p12t8\)< 9.1.0.321\(c636e4r1p14t8\)Huawei Charlotte L09c
HWHuaweiwszystkie wersjeHuawei Charlotte L09c Firmware
OSHuawei< 9.1.0.311\(c185e4r1p11t8\)< 9.1.0.345\(c432e8r1p11t8\)Huawei Charlotte L29c
HWHuaweiwszystkie wersjeHuawei Charlotte L29c Firmware
OSHuawei< 9.1.0.335\(c636e3r1p13t8\)< 9.1.0.325\(c185e4r1p11t8\)< 9.1.0.345\(c432e8r1p11t8\)< 9.1.0.336\(c605e3r1p12t8\)Huawei Columbia Al10b
HWHuaweiwszystkie wersjeHuawei Columbia Al10b Firmware
OSHuawei< 9.1.0.333\(c00e333r1p1t8\)Huawei Columbia L29d
HWHuaweiwszystkie wersjeHuawei Columbia L29d Firmware
OSHuawei< 9.1.0.350\(c10e5r1p14t8\)< 9.1.0.350\(c461e3r1p11t8\)< 9.1.0.350\(c185e3r1p12t8\)< 9.1.0.351\(c432e5r1p13t8\)Huawei Cornell Al00a
HWHuaweiwszystkie wersjeHuawei Cornell Al00a Firmware
OSHuawei< 9.1.0.333\(c00e333r1p1t8\)Huawei Cornell L29a
HWHuaweiwszystkie wersjeHuawei Cornell L29a Firmware
OSHuawei< 9.1.0.330\(c461e1r1p9t8\)< 9.1.0.328\(c636e2r1p12t8\)< 9.1.0.328\(c185e1r1p9t8\)< 9.1.0.328\(c432e1r1p9t8\)Huawei Emily L09c
HWHuaweiwszystkie wersjeHuawei Emily L09c Firmware
OSHuawei< 9.1.0.336\(c605e4r1p12t8\)< 9.1.0.311\(c185e2r1p12t8\)< 9.1.0.345\(c432e10r1p12t8\)Huawei Emily L29c
HWHuaweiwszystkie wersjeHuawei Emily L29c Firmware
OSHuawei< 9.1.0.311\(c432e7r1p11t8\)< 9.1.0.311\(c605e2r1p12t8\)< 9.1.0.311\(c636e7r1p13t8\)Huawei Ever L29b
HWHuaweiwszystkie wersjeHuawei Ever L29b Firmware
OSHuawei< 9.1.0.311\(c185e3r3p1\)< 9.1.0.310\(c636e3r2p1\)< 9.1.0.310\(c432e3r1p12\)
Powiązane podatności
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to ins...
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user...
There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated ...
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inp...
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate...