Stack overflow

2017-12-2217:29:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.9%

JSON

The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker could exploit this vulnerability to perform a denial of service attack or remote code execution in baseband module.

CPENameOperatorVersion
mate_10_firmwareeq< alpal08.0.0.120sp2c0
mate_10_pro_firmwareeq< blaal08.0.0.120sp2c0
mate_9_firmwareeq< mhaal0b8.0.0.334c0
mate_9_pro_firmwareeq< lonal0b8.0.0.334c0

Name	Operator	Version
mate_10_firmware	eq	< alpal08.0.0.120sp2c0
mate_10_pro_firmware	eq	< blaal08.0.0.120sp2c0
mate_9_firmware	eq	< mhaal0b8.0.0.334c0
mate_9_pro_firmware	eq	< lonal0b8.0.0.334c0