CVE-2021-36994

2021-10-2812:26:58

huawei

www.cve.org

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.9%

JSON

There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist.

CNA Affected

[
  {
    "product": "EMUI",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "11.0.0"
      },
      {
        "status": "affected",
        "version": "10.1.1"
      }
    ]
  },
  {
    "product": "Magic UI",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "4.0.0"
      },
      {
        "status": "affected",
        "version": "3.1.1"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2021/7/