{"id": "CVE-2017-8148", "bulletinFamily": "NVD", "title": "CVE-2017-8148", "description": "Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot.", "published": "2017-11-22T19:29:00", "modified": "2017-12-12T18:21:00", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8148", "reporter": "cve@mitre.org", "references": ["http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-smartphone-en"], "cvelist": ["CVE-2017-8148"], "type": "cve", "lastseen": "2021-02-02T06:36:50", "edition": 8, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "huawei", "idList": ["HUAWEI-SA-20170802-01-SMARTPHONE"]}], "modified": "2021-02-02T06:36:50", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-02-02T06:36:50", "rev": 2}, "vulnersScore": 5.5}, "cpe": [], "affectedSoftware": [{"cpeName": "huawei:p9_firmware", "name": "huawei p9 firmware", "operator": "lt", "version": "eva-al10c00b389"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.4, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 3.6}, "cpe23": [], "cwe": ["CWE-362"], "scheme": null, "affectedConfiguration": [{"cpeName": "huawei:p9", "name": "huawei p9", "operator": "eq", "version": "-"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:eva-al10c00b389:*:*:*:*:*:*:*", "versionEndExcluding": "eva-al10c00b389", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}]}, "extraReferences": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-smartphone-en", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-smartphone-en"}], "immutableFields": []}

{"huawei": [{"lastseen": "2019-02-01T18:02:08", "bulletinFamily": "software", "cvelist": ["CVE-2017-8148"], "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "edition": 1, "modified": "2017-08-02T00:00:00", "published": "2017-08-02T00:00:00", "id": "HUAWEI-SA-20170802-01-SMARTPHONE", "href": "https://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170802-01-smartphone-en", "title": "Security Advisory - DoS Vulnerability of Audio Driver in Some Huawei Smartphones", "type": "huawei", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}