CVE-2015-8226
MEDIUMHuawei ALE and GEM-703L Firmware - Denial of Service via JPU Driver Input Validation
Title source: llmDescription
The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
30.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (2)
huawei/ale_firmware
huawei/gem-703l_firmware
Published
Jan 08, 2016
Tracked Since
Feb 18, 2026