Buffer Overflow Vulnerability in HUAWEI P9 Lite Mobile Phones
CVE-2017-17313

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Huawei P9 Lite
Vendor: CVE Published:; 19 April 2018

What is CVE-2017-17313?

The HUAWEI P9 Lite mobile phones have a buffer overflow vulnerability in the inputhub driver due to insufficient parameter validation. This flaw allows attackers to exploit the vulnerability by persuading users to install a malicious application, which can then send specially crafted data to the inputhub driver. If successfully exploited, this could lead to a system reboot, compromising the device's stability and security.

Affected Version(s)

HUAWEI P9 Lite Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 19, 2018
Vulnerability Reserved
Dec 4, 2017

McAfee

What is CVE-2017-17313?

Affected Version(s)

References

CVSS V3.1

Timeline