There is a use-after-free (UAF) vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. (Vulnerability ID: HWPSIRT-2020-03109)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9084.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link: