Heap Overflow Vulnerability in Huawei Touchscreen Drivers
CVE-2016-8760

7.8HIGH

Key Information:

Vendor: Huawei
Status: P9,honor 6 Versions Before Eva-al10c00b192,versions Before H60-l02 6.10.1
Vendor: CVE Published:; 2 April 2017

Summary

A heap overflow vulnerability exists in the touchscreen driver of Huawei P9 and Honor 6 smartphones. This flaw allows attackers to exploit the system, potentially leading to unauthorized system crashes or the elevation of user privileges. Users of these devices are advised to update their software to the latest versions to mitigate the risk associated with this vulnerability. For more details on the issue, refer to Huawei's official security advisory.

Affected Version(s)

P9,Honor 6 before EVA-AL10C00B192, before H60-L02_6.10.1 P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1

References

http://www.securityfocus.com/bid/93530

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Oct 18, 2016