Sign-up

ID

VAR-201706-1146


TITLE

Huawei Y6 Pro graphics Driver Memory Leak Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-11751

DESCRIPTION

HuaweiY6Pro is a smartphone from China's Huawei company. A memory leak vulnerability exists in the Huawei Y6Pro mobile phone graphics driver using the MTK platform. Due to insufficient input verification, the attacker lured the user to install a malicious application that obtained the system privileges of the Android system. The application can use this vulnerability to send specific parameters to the mobile phone driver, resulting in memory leaks.

Trust: 0.6

sources: CNVD: CNVD-2017-11751

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-11751

AFFECTED PRODUCTS

vendor:huaweimodel:y6 pro <=tit-l01c576b119scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2017-11751

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2017-11751
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2017-11751
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2017-11751

PATCH

title:HuaweiY6Prographics driver patch for memory leaksurl:https://www.cnvd.org.cn/patchinfo/show/96639

Trust: 0.6

sources: CNVD: CNVD-2017-11751

EXTERNAL IDS

db:CNVDid:CNVD-2017-11751

Trust: 0.6

sources: CNVD: CNVD-2017-11751

REFERENCES

url:http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170527-01-smartphone-cn

Trust: 0.6

sources: CNVD: CNVD-2017-11751

SOURCES

db:CNVDid:CNVD-2017-11751

LAST UPDATE DATE

2022-05-04T09:23:16.850000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-11751date:2017-06-28T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-11751date:2017-06-28T00:00:00