CVE-2018-7899

CWE-4153 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 78.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Berkeley-al20 FirmwareHuawei Berkeley-bd Firmware
Timeline
PublishedApr 19
Latest updateMay 14

Description

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception han

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/berkeley-al20_firmware11 versions+10
NVDhuawei/berkeley-bd_firmware6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-x2qr-83fp-75qc: The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 82022-05-14
CVEList
CVE-2018-7899: The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 82018-04-19
CVE-2018-7899 (MEDIUM CVSS 5.5) | The Mali Driver of Huawei Berkeley- | cvebase.io