CVE-2019-5214
MEDIUMHuawei Mate10 <ALP-AL00B 9.0.0.167(C00E85R2P20T8 - Use After Free
Title source: llmDescription
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190109-01-smartphone-en
Scores
CVSS v3
5.5
EPSS
0.0008
EPSS Percentile
23.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-416
Status
published
Products (1)
huawei/mate_10_firmware
< alp-al00b_9.0.0.167\(c00e85r2p20t8\)
Published
Jun 06, 2019
Tracked Since
Feb 18, 2026