CVE-2017-17320

Опубликовано: 20 мар. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-02-smartphone-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-02-smartphone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:mate_9_pro_firmware:lon-al00bc00b139d:*:*:*:*:*:*:*

cpe:2.3:o:huawei:mate_9_pro_firmware:lon-al00bc00b229:*:*:*:*:*:*:*

cpe:2.3:o:huawei:mate_9_pro_firmware:lon-l29dc721b188:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00108

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-415

Связанные уязвимости

GHSA-9w3x-5xrr-jfm6