First published: Wed Nov 22 2017(Updated: )
The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the smart phone, causing a system crash or privilege escalation.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Mate 9 Firmware | <mha-al00bc00b173 | |
Huawei Mate 9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-2716 is a buffer overflow vulnerability in the camerafs driver of Mate 9 smartphones running versions earlier than MHA-AL00BC00B173.
CVE-2017-2716 affects Huawei Mate 9 smartphones running versions earlier than MHA-AL00BC00B173.
CVE-2017-2716 has a severity rating of 7.8 (critical).
An attacker can exploit CVE-2017-2716 by tricking a user into installing a malicious application with system privileges, and then sending a specific parameter to the camerafs driver of the Mate 9 smartphone.
Yes, updating Mate 9 smartphones to version MHA-AL00BC00B173 or later fixes the CVE-2017-2716 vulnerability.