Security Advisory - Buffer Overflow Vulnerability in HIFI Driver of Huawei Smart Phone

Type huawei
Reporter Huawei Technologies
Modified 2016-11-23T00:00:00


The HIFI driver of some Huawei products has buffer overflow vulnerability due to the lack of a parameters check. An attacker can get ROOT privilege and send given parameter to driver to crash the system or execute arbitrary code. (Vulnerability ID: HWPSIRT-2016-05220) This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-8774. Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link: