Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for p9_lite_firmware by huawei

    CVE-2017-17313 (GCVE-0-2017-17313)

    Vulnerability from nvd – Published: 2018-04-19 14:00 – Updated: 2024-09-16 16:23
    VLAI
    Summary
    The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the system reboot.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. HUAWEI P9 Lite Affected: Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396
    Create a notification for this product.
    Date Public
    2018-04-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.518Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HUAWEI P9 Lite",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396"
                }
              ]
            }
          ],
          "datePublic": "2018-04-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the system reboot."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-19T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2018-04-18T00:00:00",
              "ID": "CVE-2017-17313",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HUAWEI P9 Lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the system reboot."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17313",
        "datePublished": "2018-04-19T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:23:50.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8143 (GCVE-0-2017-8143)

    Vulnerability from nvd – Published: 2017-11-22 19:00 – Updated: 2024-09-17 03:17
    VLAI
    Summary
    Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system.
    Severity
    No CVSS data available.
    CWE
    • DoS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Honor 5C, P9 Lite Affected: Versions earlier than NEM-L21C432B351, Versions earlier than VNS-L21C10B381
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:22.816Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "99256",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99256"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor 5C, P9 Lite",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than NEM-L21C432B351, Versions earlier than VNS-L21C10B381"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DoS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-23T10:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "99256",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99256"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor 5C, P9 Lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than NEM-L21C432B351, Versions earlier than VNS-L21C10B381"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DoS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "99256",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99256"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8143",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:17:53.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-2697 (GCVE-0-2017-2697)

    Vulnerability from nvd – Published: 2017-11-22 19:00 – Updated: 2024-08-05 14:02
    VLAI
    Summary
    The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:02:07.289Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T18:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-2697",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-2697",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2016-12-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:02:07.289Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8776 (GCVE-0-2016-8776)

    Vulnerability from nvd – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account.
    Severity
    No CVSS data available.
    CWE
    • Factory Reset Protection (FRP) bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185, Affected: P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:01.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94836",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94836"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Factory Reset Protection (FRP) bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94836",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94836"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8776",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Factory Reset Protection (FRP) bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94836",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94836"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8776",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:01.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8764 (GCVE-0-2016-8764)

    Vulnerability from nvd – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions Affected: P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:00.223Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94509",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8764",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94509",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94509"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8764",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:00.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8763 (GCVE-0-2016-8763)

    Vulnerability from nvd – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation.
    Severity
    No CVSS data available.
    CWE
    • improper resource release
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions Affected: P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:00.303Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "improper resource release",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94509",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "improper resource release"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94509",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94509"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8763",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:00.303Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8762 (GCVE-0-2016-8762)

    Vulnerability from nvd – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions Affected: P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:00.015Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94509",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8762",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94509",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94509"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8762",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:00.015Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17313 (GCVE-0-2017-17313)

    Vulnerability from cvelistv5 – Published: 2018-04-19 14:00 – Updated: 2024-09-16 16:23
    VLAI
    Summary
    The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the system reboot.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. HUAWEI P9 Lite Affected: Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396
    Create a notification for this product.
    Date Public
    2018-04-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.518Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HUAWEI P9 Lite",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396"
                }
              ]
            }
          ],
          "datePublic": "2018-04-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the system reboot."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-19T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2018-04-18T00:00:00",
              "ID": "CVE-2017-17313",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HUAWEI P9 Lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the system reboot."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17313",
        "datePublished": "2018-04-19T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:23:50.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-2697 (GCVE-0-2017-2697)

    Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-08-05 14:02
    VLAI
    Summary
    The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:02:07.289Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T18:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-2697",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-2697",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2016-12-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:02:07.289Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8143 (GCVE-0-2017-8143)

    Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-17 03:17
    VLAI
    Summary
    Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system.
    Severity
    No CVSS data available.
    CWE
    • DoS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Honor 5C, P9 Lite Affected: Versions earlier than NEM-L21C432B351, Versions earlier than VNS-L21C10B381
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:22.816Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "99256",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99256"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor 5C, P9 Lite",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than NEM-L21C432B351, Versions earlier than VNS-L21C10B381"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DoS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-23T10:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "99256",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99256"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor 5C, P9 Lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than NEM-L21C432B351, Versions earlier than VNS-L21C10B381"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DoS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "99256",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99256"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8143",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:17:53.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8764 (GCVE-0-2016-8764)

    Vulnerability from cvelistv5 – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions Affected: P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:00.223Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94509",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8764",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94509",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94509"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8764",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:00.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8776 (GCVE-0-2016-8776)

    Vulnerability from cvelistv5 – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account.
    Severity
    No CVSS data available.
    CWE
    • Factory Reset Protection (FRP) bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185, Affected: P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:01.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94836",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94836"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Factory Reset Protection (FRP) bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94836",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94836"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8776",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Factory Reset Protection (FRP) bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94836",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94836"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8776",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:01.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8762 (GCVE-0-2016-8762)

    Vulnerability from cvelistv5 – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions Affected: P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:00.015Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94509",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8762",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94509",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94509"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8762",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:00.015Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8763 (GCVE-0-2016-8763)

    Vulnerability from cvelistv5 – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation.
    Severity
    No CVSS data available.
    CWE
    • improper resource release
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions Affected: P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
    Date Public
    2017-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:00.303Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                }
              ]
            }
          ],
          "datePublic": "2017-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "improper resource release",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-03T09:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "name": "94509",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2016-8763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "improper resource release"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94509",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94509"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2016-8763",
        "datePublished": "2017-04-02T20:00:00.000Z",
        "dateReserved": "2016-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:00.303Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }