Stack Overflow Vulnerability in Huawei Mobile Phones
CVE-2016-8759

7.8HIGH

Key Information:

Vendor: Huawei
Status: P9,honor 6 Versions Before Eva-al10c00b192,versions Before H60-l02 6.10.1
Vendor: CVE Published:; 2 April 2017

Summary

A stack overflow vulnerability exists in the video driver of Huawei P9 smartphones with software versions before EVA-AL10C00B192 and Huawei Honor 6 smartphones with software versions prior to H60-L02_6.10.1. This vulnerability could allow an attacker to crash the system or escalate user privileges, compromising the integrity and stability of the device. Users are advised to update their devices to the latest software versions to mitigate potential risks.

Affected Version(s)

P9,Honor 6 before EVA-AL10C00B192, before H60-L02_6.10.1 P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1

References

http://www.securityfocus.com/bid/93530

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Oct 18, 2016