Search criteria
14 vulnerabilities found for yale-l21a_firmware by huawei
CVE-2020-9223 (GCVE-0-2020-9223)
Vulnerability from nvd – Published: 2020-12-29 17:59 – Updated: 2024-08-04 10:19
VLAI?
Summary
There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| n/a | HONOR 20 PRO |
Affected:
Versions earlier than 10.1.0.230(C432E9R5P1)
Affected: Versions earlier than 10.1.0.231(C10E3R3P2) Affected: Versions earlier than 10.1.0.231(C185E3R5P1) Affected: Versions earlier than 10.1.0.231(C636E3R3P1) |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HONOR 20 PRO",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C185E3R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
},
{
"product": "Princeton-AL10D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.168(C00E166R4P11)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C185E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
},
{
"product": "Yale-L61A",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.225(C432E3R1P2)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.226(C10E3R1P1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T17:59:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HONOR 20 PRO",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C185E3R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
}
},
{
"product_name": "Princeton-AL10D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.168(C00E166R4P11)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C185E2R2P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
}
},
{
"product_name": "Yale-L61A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.225(C432E3R1P2)"
},
{
"version_value": "Versions earlier than 10.1.0.226(C10E3R1P1)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9223",
"datePublished": "2020-12-29T17:59:32",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9235 (GCVE-0-2020-9235)
Vulnerability from nvd – Published: 2020-09-03 18:04 – Updated: 2024-08-04 10:19
VLAI?
Summary
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A |
Affected:
Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)
Affected: Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3) Affected: Versions earlier than 10.1.0.212(C00E210R5P1) Affected: Versions earlier than 10.1.0.160(C00E160R2P11) Affected: Versions earlier than 10.1.0.160(C01E160R2P11) Affected: Versions earlier than 10.1.0.160(C00E160R8P12) Affected: Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1) Affected: Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.212(C00E210R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C01E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R8P12)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-03T18:04:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"version_value": "Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3)"
},
{
"version_value": "Versions earlier than 10.1.0.212(C00E210R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C01E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R8P12)"
},
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"version_value": "Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9235",
"datePublished": "2020-09-03T18:04:26",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5303 (GCVE-0-2019-5303)
Vulnerability from nvd – Published: 2020-04-27 20:01 – Updated: 2024-08-04 19:54
VLAI?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | ALP-AL00B |
Affected:
Versions earlier than 9.1.0.333(C00E333R2P1T8)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
},
{
"product": "Charlotte-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
},
{
"product": "Charlotte-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
},
{
"product": "Columbia-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Columbia-L29D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
},
{
"product": "Cornell-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Cornell-L29A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
},
{
"product": "Emily-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
},
{
"product": "Ever-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
},
{
"product": "HUAWEI Mate 20 RS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
},
{
"product": "HUAWEI P20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.193"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
},
{
"product": "HUAWEI Y9 2019",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
},
{
"product": "HUAWEI nova lite 3",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
},
{
"product": "Honor 8X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
},
{
"product": "Honor View 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
},
{
"product": "Jackman-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
},
{
"product": "Paris-L21B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
},
{
"product": "Paris-L21MEB",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
},
{
"product": "Paris-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
},
{
"product": "Sydney-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
},
{
"product": "Sydney-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
},
{
"product": "Sydney-L21BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
},
{
"product": "Sydney-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "Sydney-L22BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "SydneyM-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
},
{
"product": "SydneyM-L01",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
},
{
"product": "SydneyM-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
},
{
"product": "SydneyM-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
},
{
"product": "Honor 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
},
{
"product": "Honor Magic2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187"
}
]
},
{
"product": "Honor V20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T20:01:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
}
},
{
"product_name": "Charlotte-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Charlotte-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
}
},
{
"product_name": "Columbia-AL10B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Columbia-L29D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
}
},
{
"product_name": "Cornell-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Cornell-L29A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
}
},
{
"product_name": "Ever-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
}
},
{
"product_name": "HUAWEI P20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.193"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Y9 2019",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI nova lite 3",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
}
},
{
"product_name": "Honor 8X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
}
},
{
"product_name": "Jackman-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
}
},
{
"product_name": "Paris-L21B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
}
},
{
"product_name": "Paris-L21MEB",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
}
},
{
"product_name": "Paris-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
}
},
{
"product_name": "Sydney-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Sydney-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L21BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
}
},
{
"product_name": "Sydney-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L22BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
}
},
{
"product_name": "SydneyM-L01",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L03",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L23",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
}
},
{
"product_name": "Honor 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.187"
}
]
}
},
{
"product_name": "Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5303",
"datePublished": "2020-04-27T20:01:02",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5302 (GCVE-0-2019-5302)
Vulnerability from nvd – Published: 2020-04-27 19:50 – Updated: 2024-08-04 19:54
VLAI?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | Sydney-L21 |
Affected:
Versions earlier than 9.1.0.215(C432E1R1P1T8)
Affected: Versions earlier than 9.1.0.213(C185E1R1P1T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:52.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sydney-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
},
{
"product": "Sydney-L21BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
},
{
"product": "Sydney-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "Sydney-L22BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "SydneyM-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
},
{
"product": "SydneyM-L01",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
},
{
"product": "SydneyM-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
},
{
"product": "SydneyM-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
},
{
"product": "Honor 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
},
{
"product": "Honor Magic2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187"
}
]
},
{
"product": "Honor V20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
},
{
"product": "HUAWEI Mate 20 RS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
},
{
"product": "HUAWEI P20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.193"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
},
{
"product": "HUAWEI Y9 2019",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
},
{
"product": "HUAWEI nova lite 3",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
},
{
"product": "Honor 8X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
},
{
"product": "Honor View 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
},
{
"product": "Jackman-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
},
{
"product": "Paris-L21B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
},
{
"product": "Paris-L21MEB",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
},
{
"product": "Paris-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
},
{
"product": "Sydney-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
},
{
"product": "Charlotte-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
},
{
"product": "Columbia-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Columbia-L29D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
},
{
"product": "Cornell-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Cornell-L29A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
},
{
"product": "Emily-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
},
{
"product": "Ever-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
},
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
},
{
"product": "Charlotte-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T19:50:50",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sydney-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L21BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
}
},
{
"product_name": "Sydney-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L22BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
}
},
{
"product_name": "SydneyM-L01",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L03",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L23",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
}
},
{
"product_name": "Honor 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.187"
}
]
}
},
{
"product_name": "Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
}
},
{
"product_name": "HUAWEI P20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.193"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Y9 2019",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI nova lite 3",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
}
},
{
"product_name": "Honor 8X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
}
},
{
"product_name": "Jackman-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
}
},
{
"product_name": "Paris-L21B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
}
},
{
"product_name": "Paris-L21MEB",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
}
},
{
"product_name": "Paris-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
}
},
{
"product_name": "Sydney-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Charlotte-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
}
},
{
"product_name": "Columbia-AL10B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Columbia-L29D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
}
},
{
"product_name": "Cornell-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Cornell-L29A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
}
},
{
"product_name": "Ever-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
}
},
{
"product_name": "Charlotte-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5302",
"datePublished": "2020-04-27T19:50:50",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:52.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0069 (GCVE-0-2020-0069)
Vulnerability from nvd – Published: 2020-03-10 19:56 – Updated: 2025-10-21 23:35
VLAI?
Summary
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2020-03-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-0069",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:03:30.656110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0069"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:49.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0069"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-0069 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-27T11:06:04.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.android.com/security/bulletin/2020-03-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2020-0069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2020-03-01",
"refsource": "MISC",
"url": "https://source.android.com/security/bulletin/2020-03-01"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2020-0069",
"datePublished": "2020-03-10T19:56:37.000Z",
"dateReserved": "2019-10-17T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-2215 (GCVE-0-2019-2215)
Vulnerability from nvd – Published: 2019-10-11 18:16 – Updated: 2025-10-21 23:45
VLAI?
Summary
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:42:50.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-2215",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:04:20.328785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:29.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-2215 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T19:06:43.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2019-2215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2019-10-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"name": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"name": "https://security.netapp.com/advisory/ntap-20191031-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"name": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2019-2215",
"datePublished": "2019-10-11T18:16:48.000Z",
"dateReserved": "2018-12-10T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:29.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9506 (GCVE-0-2019-9506)
Vulnerability from nvd – Published: 2019-08-14 16:27 – Updated: 2024-09-16 19:14
VLAI?
Title
Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
Severity ?
7.6 (High)
CWE
- CWE-310 - Cryptographic Issues
Assigner
References
Credits
Daniele Antonioli‚ Nils Ole Tippenhauer, Kasper Rasmussen
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"N/A"
],
"product": "BR/EDR",
"vendor": "Bluetooth",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"datePublic": "2019-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-30T10:06:23",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"title": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation",
"workarounds": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "KNOB",
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2019-08-14",
"ID": "CVE-2019-9506",
"STATE": "PUBLIC",
"TITLE": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BR/EDR",
"version": {
"version_data": [
{
"platform": "N/A",
"version_affected": "\u003c=",
"version_name": "5.1",
"version_value": "5.1"
}
]
}
}
]
},
"vendor_name": "Bluetooth"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#918987",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"name": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html",
"refsource": "MISC",
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"name": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli",
"refsource": "MISC",
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"name": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/",
"refsource": "CONFIRM",
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
]
},
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9506",
"datePublished": "2019-08-14T16:27:45.059869Z",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-09-16T19:14:13.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9223 (GCVE-0-2020-9223)
Vulnerability from cvelistv5 – Published: 2020-12-29 17:59 – Updated: 2024-08-04 10:19
VLAI?
Summary
There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| n/a | HONOR 20 PRO |
Affected:
Versions earlier than 10.1.0.230(C432E9R5P1)
Affected: Versions earlier than 10.1.0.231(C10E3R3P2) Affected: Versions earlier than 10.1.0.231(C185E3R5P1) Affected: Versions earlier than 10.1.0.231(C636E3R3P1) |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HONOR 20 PRO",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C185E3R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
},
{
"product": "Princeton-AL10D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.168(C00E166R4P11)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C185E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
},
{
"product": "Yale-L61A",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.225(C432E3R1P2)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.226(C10E3R1P1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T17:59:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HONOR 20 PRO",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C185E3R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
}
},
{
"product_name": "Princeton-AL10D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.168(C00E166R4P11)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C10E3R3P2)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C185E2R2P1)"
},
{
"version_value": "Versions earlier than 10.1.0.231(C636E3R3P1)"
}
]
}
},
{
"product_name": "Yale-L61A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.225(C432E3R1P2)"
},
{
"version_value": "Versions earlier than 10.1.0.226(C10E3R1P1)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9223",
"datePublished": "2020-12-29T17:59:32",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9235 (GCVE-0-2020-9235)
Vulnerability from cvelistv5 – Published: 2020-09-03 18:04 – Updated: 2024-08-04 10:19
VLAI?
Summary
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A |
Affected:
Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)
Affected: Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3) Affected: Versions earlier than 10.1.0.212(C00E210R5P1) Affected: Versions earlier than 10.1.0.160(C00E160R2P11) Affected: Versions earlier than 10.1.0.160(C01E160R2P11) Affected: Versions earlier than 10.1.0.160(C00E160R8P12) Affected: Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1) Affected: Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.212(C00E210R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C01E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R8P12)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-03T18:04:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"version_value": "Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3)"
},
{
"version_value": "Versions earlier than 10.1.0.212(C00E210R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C01E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R8P12)"
},
{
"version_value": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1)"
},
{
"version_value": "Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9235",
"datePublished": "2020-09-03T18:04:26",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5303 (GCVE-0-2019-5303)
Vulnerability from cvelistv5 – Published: 2020-04-27 20:01 – Updated: 2024-08-04 19:54
VLAI?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | ALP-AL00B |
Affected:
Versions earlier than 9.1.0.333(C00E333R2P1T8)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
},
{
"product": "Charlotte-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
},
{
"product": "Charlotte-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
},
{
"product": "Columbia-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Columbia-L29D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
},
{
"product": "Cornell-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Cornell-L29A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
},
{
"product": "Emily-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
},
{
"product": "Ever-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
},
{
"product": "HUAWEI Mate 20 RS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
},
{
"product": "HUAWEI P20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.193"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
},
{
"product": "HUAWEI Y9 2019",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
},
{
"product": "HUAWEI nova lite 3",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
},
{
"product": "Honor 8X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
},
{
"product": "Honor View 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
},
{
"product": "Jackman-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
},
{
"product": "Paris-L21B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
},
{
"product": "Paris-L21MEB",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
},
{
"product": "Paris-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
},
{
"product": "Sydney-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
},
{
"product": "Sydney-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
},
{
"product": "Sydney-L21BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
},
{
"product": "Sydney-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "Sydney-L22BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "SydneyM-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
},
{
"product": "SydneyM-L01",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
},
{
"product": "SydneyM-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
},
{
"product": "SydneyM-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
},
{
"product": "Honor 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
},
{
"product": "Honor Magic2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187"
}
]
},
{
"product": "Honor V20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T20:01:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
}
},
{
"product_name": "Charlotte-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Charlotte-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
}
},
{
"product_name": "Columbia-AL10B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Columbia-L29D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
}
},
{
"product_name": "Cornell-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Cornell-L29A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
}
},
{
"product_name": "Ever-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
}
},
{
"product_name": "HUAWEI P20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.193"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Y9 2019",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI nova lite 3",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
}
},
{
"product_name": "Honor 8X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
}
},
{
"product_name": "Jackman-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
}
},
{
"product_name": "Paris-L21B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
}
},
{
"product_name": "Paris-L21MEB",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
}
},
{
"product_name": "Paris-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
}
},
{
"product_name": "Sydney-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Sydney-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L21BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
}
},
{
"product_name": "Sydney-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L22BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
}
},
{
"product_name": "SydneyM-L01",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L03",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L23",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
}
},
{
"product_name": "Honor 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.187"
}
]
}
},
{
"product_name": "Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5303",
"datePublished": "2020-04-27T20:01:02",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5302 (GCVE-0-2019-5302)
Vulnerability from cvelistv5 – Published: 2020-04-27 19:50 – Updated: 2024-08-04 19:54
VLAI?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | Sydney-L21 |
Affected:
Versions earlier than 9.1.0.215(C432E1R1P1T8)
Affected: Versions earlier than 9.1.0.213(C185E1R1P1T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:52.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sydney-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
},
{
"product": "Sydney-L21BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
},
{
"product": "Sydney-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "Sydney-L22BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "SydneyM-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
},
{
"product": "SydneyM-L01",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
},
{
"product": "SydneyM-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
},
{
"product": "SydneyM-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
},
{
"product": "Honor 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
},
{
"product": "Honor Magic2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187"
}
]
},
{
"product": "Honor V20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
},
{
"product": "HUAWEI Mate 20 RS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
},
{
"product": "HUAWEI P20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.193"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
},
{
"product": "HUAWEI Y9 2019",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
},
{
"product": "HUAWEI nova lite 3",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
},
{
"product": "Honor 8X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
},
{
"product": "Honor View 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
},
{
"product": "Jackman-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
},
{
"product": "Paris-L21B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
},
{
"product": "Paris-L21MEB",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
},
{
"product": "Paris-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
},
{
"product": "Sydney-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
},
{
"product": "Charlotte-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
},
{
"product": "Columbia-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Columbia-L29D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
},
{
"product": "Cornell-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Cornell-L29A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
},
{
"product": "Emily-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
},
{
"product": "Ever-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
},
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
},
{
"product": "Charlotte-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T19:50:50",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sydney-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L21BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
}
},
{
"product_name": "Sydney-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L22BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
}
},
{
"product_name": "SydneyM-L01",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L03",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L23",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
}
},
{
"product_name": "Honor 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.187"
}
]
}
},
{
"product_name": "Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
}
},
{
"product_name": "HUAWEI P20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.193"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Y9 2019",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI nova lite 3",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
}
},
{
"product_name": "Honor 8X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
}
},
{
"product_name": "Jackman-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
}
},
{
"product_name": "Paris-L21B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
}
},
{
"product_name": "Paris-L21MEB",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
}
},
{
"product_name": "Paris-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
}
},
{
"product_name": "Sydney-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Charlotte-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
}
},
{
"product_name": "Columbia-AL10B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Columbia-L29D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
}
},
{
"product_name": "Cornell-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Cornell-L29A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
}
},
{
"product_name": "Ever-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
}
},
{
"product_name": "Charlotte-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5302",
"datePublished": "2020-04-27T19:50:50",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:52.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0069 (GCVE-0-2020-0069)
Vulnerability from cvelistv5 – Published: 2020-03-10 19:56 – Updated: 2025-10-21 23:35
VLAI?
Summary
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2020-03-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-0069",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:03:30.656110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0069"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:49.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0069"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-0069 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-27T11:06:04.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.android.com/security/bulletin/2020-03-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2020-0069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2020-03-01",
"refsource": "MISC",
"url": "https://source.android.com/security/bulletin/2020-03-01"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2020-0069",
"datePublished": "2020-03-10T19:56:37.000Z",
"dateReserved": "2019-10-17T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-2215 (GCVE-0-2019-2215)
Vulnerability from cvelistv5 – Published: 2019-10-11 18:16 – Updated: 2025-10-21 23:45
VLAI?
Summary
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:42:50.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-2215",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:04:20.328785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:29.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-2215 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T19:06:43.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2019-2215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2019-10-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"name": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"name": "https://security.netapp.com/advisory/ntap-20191031-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"name": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2019-2215",
"datePublished": "2019-10-11T18:16:48.000Z",
"dateReserved": "2018-12-10T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:29.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9506 (GCVE-0-2019-9506)
Vulnerability from cvelistv5 – Published: 2019-08-14 16:27 – Updated: 2024-09-16 19:14
VLAI?
Title
Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
Severity ?
7.6 (High)
CWE
- CWE-310 - Cryptographic Issues
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Daniele Antonioli‚ Nils Ole Tippenhauer, Kasper Rasmussen
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"N/A"
],
"product": "BR/EDR",
"vendor": "Bluetooth",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"datePublic": "2019-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-30T10:06:23",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"title": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation",
"workarounds": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "KNOB",
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2019-08-14",
"ID": "CVE-2019-9506",
"STATE": "PUBLIC",
"TITLE": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BR/EDR",
"version": {
"version_data": [
{
"platform": "N/A",
"version_affected": "\u003c=",
"version_name": "5.1",
"version_value": "5.1"
}
]
}
}
]
},
"vendor_name": "Bluetooth"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#918987",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"name": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html",
"refsource": "MISC",
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"name": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli",
"refsource": "MISC",
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"name": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/",
"refsource": "CONFIRM",
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
]
},
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9506",
"datePublished": "2019-08-14T16:27:45.059869Z",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-09-16T19:14:13.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}