HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2017-17227

CVSS 7.8v3.0pub. 2018-03-09upd. 2024-11-21

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution.

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Huawei Mate 10

    HW
    Huawei
    wszystkie wersje
  • Huawei Mate 10 Firmware

    OS
    Huawei
    < alp-l09_8.0.0.127\(c900\)< alp-l09_8.0.0.128\(402\)< alp-l09_8.0.0.128\(c02\)< alp-l09_8.0.0.128\(c109\)< alp-l09_8.0.0.128\(c346\)< alp-l09_8.0.0.128\(c432\)< alp-l09_8.0.0.120\(c212\)< alp-l09_8.0.0.128\(c652\)
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2018-7993HIGH7.8ten sam produkt

HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability o...

CVE-2017-15311HIGH8.8ten sam produkt

The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-...

CVE-2020-9119MEDIUM6.2ten sam produkt

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker ...

CVE-2020-1809MEDIUM4.6ten sam produkt

HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure v...

CVE-2019-5264MEDIUM4.6ten sam produkt

There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;...

CVE-2017-17227 β€” Huawei β€” Mate 10 β€” HIGH β€” CVSS 7.8 | CVEbaza.pl