CVE-2019-5219

CWE-4153 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 77.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 10 FirmwareHuawei Mate10
Timeline
PublishedJun 6
Latest updateMay 24

Description

There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful exploit could cause a denial of service condition.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/mate_10_firmware< alp-al00b_9.0.0.181\(c00e87r2p20t8\)
CVEListV5huawei/mate10Versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8)

🔴Vulnerability Details

2
GHSA
GHSA-rcrf-pfqg-hxmm: There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 92022-05-24
CVEList
CVE-2019-5219: There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 92019-06-06
CVE-2019-5219 (MEDIUM CVSS 5.5) | There is a double free vulnerabilit | cvebase.io