CVE-2017-15330

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Vicky-al00a
Vendor: CVE Published:; 15 February 2018

Summary

The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability. Successful exploitation may cause denial of service (DoS) attack.

Affected Version(s)

Vicky-AL00A Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
Oct 14, 2017