CVE-2019-5214

CWE-416Use After Free3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 76.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 10 FirmwareHuawei Huawei Mate10
Timeline
PublishedJun 6
Latest updateMay 24

Description

There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/mate_10_firmware< alp-al00b_9.0.0.167\(c00e85r2p20t8\)
CVEListV5huawei/huawei_mate10Versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8)

🔴Vulnerability Details

2
GHSA
GHSA-q2cv-8m5w-p6f2: There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 92022-05-24
CVEList
CVE-2019-5214: There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 92019-06-06
CVE-2019-5214 (MEDIUM CVSS 5.5) | There is a use after free vulnerabi | cvebase.io