CVE-2017-17227

CWE-125Out-of-bounds ReadCWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 69.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 10 FirmwareHuawei Technologies Co., Ltd. Mate 10
Timeline
PublishedMar 9
Latest updateMay 14

Description

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploi

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/mate_10_firmware< alp-l09_8.0.0.120\(c212\)+7
CVEListV5huawei_technologies_co.,_ltd./mate_10The versions before ALP-L09 8.0.0.120(C212), The versions before ALP-L09 8.0.0.127(C900), The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652)+2

🔴Vulnerability Details

2
GHSA
GHSA-jjgw-phq5-5f8w: GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 82022-05-14
CVEList
CVE-2017-17227: GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 82018-03-09
CVE-2017-17227 (HIGH CVSS 7.8) | GPU driver in Huawei Mate 10 smart | cvebase.io