CVE-2019-5305

MEDIUM

Huawei Mate 10 <ALP-L29 9.0.0.159(C185) - Memory Corruption

Title source: llm

Description

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.

References (1)

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190128-01-ivp-en

Scores

CVSS v3 5.5

EPSS 0.0007

EPSS Percentile 21.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-415

Status published

Affected Products (1)

huawei/mate_10_firmware < alp-l29_9.0.0.159\(c185\)

Timeline

Published Jun 06, 2019

Tracked Since Feb 18, 2026