CVE-2015-8088

HIGH

Huawei Mate 7/P8 - Buffer Overflow

Title source: llm

Description

Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application.

Exploits (2)

exploitdb WORKING POC

by pray3r · clocalhardware

https://www.exploit-db.com/exploits/44306

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by Pray3r · poc

https://github.com/Pray3r/CVE-2015-8088

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/hw-460347

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/77560

Scores

CVSS v3 7.8

EPSS 0.0080

EPSS Percentile 74.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (9)

huawei/mate_7_firmware mt7-cl00

huawei/mate_7_firmware mt7-tl00

huawei/mate_7_firmware mt7-tl10

huawei/mate_7_firmware mt7-ul00

huawei/p8_firmware gra-cl10

huawei/p8_firmware gra-cl100

huawei/p8_firmware gra-tl00

huawei/p8_firmware gra-ul10

huawei/p8_firmware gra-ul100

Published Jan 12, 2016

Tracked Since Feb 18, 2026