CVE-2019-5224
MEDIUMP30 <ELLE-AL00B 9.1.0.193(C00E190R1P21 - Info Disclosure
Title source: llmDescription
P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21) have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and information disclosure.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-03-smartphone-en
Scores
CVSS v3
5.5
EPSS
0.0014
EPSS Percentile
33.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Details
CWE
CWE-125
Status
published
Products (1)
huawei/p30_firmware
< elle-al00b_9.1.0.193\(c00e190r1p21\)
Published
Nov 29, 2019
Tracked Since
Feb 18, 2026