CVE-2017-2697: Buffer Overflow
First published: Wed Nov 22 2017(Updated: )
The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Gt3 Firmware | <=nmo-l31c432b120 | |
| Huawei Gt3 | ||
| Huawei Honor 5c Firmware | <=nem-l51c432b120 | |
| Huawei Honor 5c | ||
| Huawei Knt Firmware | <=knt-al10c746b160 | |
| Huawei Knt | ||
| Huawei P9 Lite Firmware | <=vns-l21c185b142 | |
| HUAWEI P9 Lite | ||
| Huawei Y6ii Firmware | <=cam-l21c10b130 | |
| Huawei Y6ii | ||
| Huawei Y6ii Firmware | <=cam-l21c185b141 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-2697?
CVE-2017-2697 is a vulnerability that exists in the goldeneye driver in various Huawei smartphones.
How does CVE-2017-2697 impact Huawei smartphones?
CVE-2017-2697 allows for buffer overflow, which can potentially lead to remote code execution or denial of service on Huawei smartphones.
Which Huawei smartphones are affected by CVE-2017-2697?
Various versions of Huawei smartphones including NMO-L31C432B120, NEM-L21C432B100, NEM-L51C432B120, KNT-AL10C746B160, VNS-L21C185B142, CAM-L21C10B130, and CAM-L21C185B141 are affected by CVE-2017-2697.
What is the severity of CVE-2017-2697?
CVE-2017-2697 has a severity rating of critical with a CVSS score of 7.8.
How can I fix the CVE-2017-2697 vulnerability on my Huawei smartphone?
To fix the CVE-2017-2697 vulnerability on your Huawei smartphone, it is recommended to install the latest firmware or security patch provided by Huawei.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei gt3 firmware
- version/huawei gt3 firmware/nmo-l31c432b120
- canonical/huawei gt3
- canonical/huawei honor 5c firmware
- version/huawei honor 5c firmware/nem-l51c432b120
- canonical/huawei honor 5c
- canonical/huawei knt firmware
- version/huawei knt firmware/knt-al10c746b160
- canonical/huawei knt
- canonical/huawei p9 lite firmware
- version/huawei p9 lite firmware/vns-l21c185b142
- canonical/huawei p9 lite
- canonical/huawei y6ii firmware
- version/huawei y6ii firmware/cam-l21c10b130
- canonical/huawei y6ii
- version/huawei y6ii firmware/cam-l21c185b141