CVE-2017-17320

HIGH

Huawei Mate 9 Pro - Memory Corruption

Title source: llm

Description

Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution.

References (1)

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-02-smartphone-en

Scores

CVSS v3 7.8

EPSS 0.0011

EPSS Percentile 29.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (3)

huawei/mate_9_pro_firmware

Timeline

Published Mar 20, 2018

Tracked Since Feb 18, 2026