CVE-2016-8774

6.7MEDIUM

Key Information:

Vendor: Huawei
Status: Mate 8,mate S,p8,p9 Versions Before Nxt-al10c00b386,versions Before Nxt-cl00c92b386,versions Before Nxt-dl00c17b386,versions Before Nxt-tl00c01b386,versions Before Crr-cl00c92b368,versions Before Crr-cl20c92b368,versions Before Crr-tl00c01b368,versions Before Crr-ul00c00b368,versions Before Crr-ul20c00b368,versions Before Gra-tl00c01b366,versions Before Gra-cl00c92b366,versions Before Gra-cl10c92b366,versions Before Gra-ul00c00b366,versions Before Gra-ul10c00b366,versions Before Eva-al10c00b190,versions Before Eva-dl10c00b190,versions Before Eva-tl10c00b190,versions Before Eva-cl10c00b190,
Vendor: CVE Published:; 2 April 2017

Summary

The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow.

Affected Version(s)

Mate 8,Mate S,P8,P9 before NXT-AL10C00B386, before NXT-CL00C92B386, before NXT-DL00C17B386, before NXT-TL00C01B386, before CRR-CL00C92B368, before CRR-CL20C92B368, before CRR-TL00C01B368, before CRR-UL00C00B368, before CRR-UL20C00B368, before GRA-TL00C01B366, before GRA-CL00C92B366, before GRA-CL10C92B366, before GRA-UL00C00B366, before GRA-UL10C00B366, before EVA-AL10C00B190, before EVA-DL10C00B190, before EVA-TL10C00B190, before EVA-CL10C00B190, Mate 8,Mate S,P8,P9 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366,Versions before EVA-AL10C00B190,Versions before EVA-DL10C00B190,Versions before EVA-TL10C00B190,Versions before EVA-CL10C00B190,

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94503

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Oct 18, 2016