CVE-2019-5228: Race Condition
First published: Tue Nov 12 2019(Updated: )
Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P30 Firmware | <elle-al00b_9.1.0.193\(c00e190r1p21\) | |
| HUAWEI P30 | ||
| Huawei P30 Pro Firmware | <vogue-al00a_9.1.0.193\(c00e190r1p12\) | |
| HUAWEI P30 Pro | ||
| Huawei Honor V20 Firmware | <princeton-al10b_9.1.0.233\(c00e233r4p3\) | |
| Huawei Honor V20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-5228?
CVE-2019-5228 is a race condition vulnerability in certain detection modules of P30, P30 Pro, and Honor V20 smartphones.
Which smartphones are affected by CVE-2019-5228?
CVE-2019-5228 affects Huawei P30, P30 Pro, and Honor V20 smartphones with specific firmware versions.
What is the severity of CVE-2019-5228?
The severity of CVE-2019-5228 is high, with a CVSS score of 7.8.
How can I check if my smartphone is vulnerable to CVE-2019-5228?
To check if your smartphone is vulnerable, verify the firmware version on your device.
How can I fix CVE-2019-5228?
To fix CVE-2019-5228, update your smartphone's firmware to the latest version provided by Huawei.