Huawei Emui vulnerabilities

CVE-2021-22430 [CRITICAL] CVE-2021-22430: There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.

CVE-2021-22434 [CRITICAL] CWE-119 CVE-2021-22434: There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of thi There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

CVE-2021-22429 [CRITICAL] CWE-119 CVE-2021-22429: There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerabilit There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

CVE-2021-22426 [CRITICAL] CWE-119 CVE-2021-22426: There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerabilit There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

CVE-2021-22433 [CRITICAL] CWE-119 CVE-2021-22433: There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerabilit There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

CVE-2021-22319 [HIGH] CWE-190 CVE-2021-22319: There is an improper verification vulnerability in smartphones. Successful exploitation of this vuln There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.

CVE-2021-22395 [HIGH] CWE-94 CVE-2021-22395: There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerabilit There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37027 [HIGH] CVE-2021-37027: There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affec There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.

CVE-2021-22489 [HIGH] CVE-2021-22489: There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affec There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.

CVE-2021-22437 [HIGH] CWE-190 CVE-2021-22437: There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploi There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.

CVE-2021-37103 [MEDIUM] CWE-276 CVE-2021-37103: There is an improper permission management vulnerability in the Wallet apps. Successful exploitation There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39997 [CRITICAL] CWE-119 CVE-2021-39997: There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful e There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds access.

CVE-2021-39994 [CRITICAL] CVE-2021-39994: There is an arbitrary address access vulnerability with the product line test code.Successful exploi There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE-2021-39992 [HIGH] CWE-732 CVE-2021-39992: There is an improper security permission configuration vulnerability on ACPU.Successful exploitation There is an improper security permission configuration vulnerability on ACPU.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE-2021-37109 [HIGH] CVE-2021-37109: There is a security protection bypass vulnerability with the modem.Successful exploitation of this v There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure.

CVE-2021-40044 [HIGH] CVE-2021-40044: There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations.

CVE-2021-40045 [MEDIUM] CWE-347 CVE-2021-40045: There is a vulnerability of signature verification mechanism failure in system upgrade through recov There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39991 [MEDIUM] CVE-2021-39991: There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Su There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39986 [MEDIUM] CVE-2021-39986: There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Su There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-40015 [MEDIUM] CWE-362 CVE-2021-40015: There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful expl There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.