Input Validation Flaw in Huawei P9 and P8 Lite TrustZone Driver
CVE-2016-8764

6.4MEDIUM

Summary

An input validation vulnerability exists in the TrustZone driver of certain Huawei smartphones, specifically the P9, P9 Lite, and P8 Lite models. This flaw permits unauthorized access to read and write user-mode memory data within the TrustZone environment. Attackers exploiting this vulnerability could potentially manipulate sensitive data or disrupt normal operations of device functions, posing serious security concerns for users relying on these devices.

Affected Version(s)

P9,P9 Lite,P8 Lite earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier ,ALE-L02C636B150 and earlier P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.