CVE-2019-5305
MEDIUMHuawei Mate 10 <ALP-L29 9.0.0.159(C185) - Memory Corruption
Title source: llmDescription
The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190128-01-ivp-en
Scores
CVSS v3
5.5
EPSS
0.0007
EPSS Percentile
21.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-415
Status
published
Products (1)
huawei/mate_10_firmware
< alp-l29_9.0.0.159\(c185\)
Published
Jun 06, 2019
Tracked Since
Feb 18, 2026