DoS Vulnerability in Audio Driver of Huawei P9 Smartphones
CVE-2017-8148

4.7MEDIUM

Key Information:

Vendor: McAfee
Status: P9
Vendor: CVE Published:; 22 November 2017

Summary

The audio driver in Huawei P9 smartphones contains a vulnerability that can lead to a denial of service (DoS). This vulnerability allows an attacker to deceive users into installing a malicious application. A race condition arises when the application attempts to access shared resources, resulting in a null pointer access that ultimately forces the device to reboot. This issue highlights the necessity for users to stay vigilant regarding application permissions and the software they install on their devices.

Affected Version(s)

P9 The versions before EVA-AL10C00B389

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Apr 25, 2017