CVE-2016-8762

MEDIUM

Huawei P9 <EVA-AL10C00B352 - DoS

Title source: llm

Description

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart.

References (2)

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94509

Scores

CVSS v3 5.0

EPSS 0.0003

EPSS Percentile 7.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-20

Status published

Affected Products (4)

huawei/p9_firmware

huawei/p9_lite_firmware < vns-l21c185b130

huawei/p8_lite_firmware < ale-l02c636b150

n/a/P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions < P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L0

Timeline

Published Apr 02, 2017

Tracked Since Feb 18, 2026