Security Advisory - Buffer overflow Vulnerability in CameraISP Driver of Huawei Smart Phone

Type huawei
Reporter Huawei Technologies
Modified 2017-11-15T00:00:00


The CameraISP driver of some Huawei smart phones has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot. (Vulnerability ID: HWPSIRT-2017-07178)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-8202.  Huawei has released software updates to fix this vulnerability. This advisory is available at the following link: