Denial of Service Vulnerability in Huawei ALE and GEM Smartphones
CVE-2015-8226

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Gem-703l Firmware; Ale Firmware
Vendor: CVE Published:; 8 January 2016

Summary

A security vulnerability exists in the JPU (Joint Photographic Experts Group Processing Unit) driver of certain Huawei ALE and GEM smartphones. This flaw enables remote attackers to trigger a denial of service by exploiting crafted applications that acquire either system or camera permissions. Affected devices include specific models of Huawei ALE and GEM smartphones running outdated software versions, thereby increasing the risk of unexpected crashes and service disruptions.

References

http://www1.huawei.com/en/security/psirt/security-bulleti...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 8, 2016
Vulnerability Reserved
Nov 17, 2015