Use-After-Free Vulnerability in Huawei Display Module
CVE-2024-57959

6.1MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 6 February 2025

Summary

A use-after-free vulnerability in the Huawei display module may allow attackers to exploit certain features, leading to abnormal performance behavior. This vulnerability can be triggered under specific conditions, resulting in potential disruption of normal operations. Users are advised to implement security patches provided by Huawei to mitigate risks associated with this issue.

Affected Version(s)

EMUI 14.0.0

HarmonyOS 5.0.0

HarmonyOS 4.3.0

References

https://consumer.huawei.com/en/support/bulletin/2025/2/

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Jan 22, 2025