CVE-2017-17227

2018-03-0917:00:00

huawei

www.cve.org

0.001 Low

EPSS

Percentile

31.6%

JSON

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution.

CNA Affected

[
  {
    "product": "Mate 10",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "The versions before ALP-L09 8.0.0.120(C212)"
      },
      {
        "status": "affected",
        "version": "The versions before ALP-L09 8.0.0.127(C900)"
      },
      {
        "status": "affected",
        "version": "The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652)"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en

0.001 Low

EPSS

Percentile

31.6%

JSON

Related for CVELIST:CVE-2017-17227