CVE-2019-5224Out-of-bounds Read in Huawei P30 Firmware

CWE-125Out-of-bounds Read3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 65.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei P30 Firmware
Timeline
PublishedNov 29
Latest updateMay 24

Description

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21) have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/p30_firmware< elle-al00b_9.1.0.193\(c00e190r1p21\)
CVEListV5huawei/p30_firmwareVersions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21)

🔴Vulnerability Details

2
GHSA
GHSA-vr74-fpq9-774p: P30 smartphones with versions earlier than ELLE-AL00B 92022-05-24
CVEList
CVE-2019-5224: P30 smartphones with versions earlier than ELLE-AL00B 92019-11-29
CVE-2019-5224 — Out-of-bounds Read in Huawei | cvebase