Vulnerability Description
GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 10 Firmware | < alp-l09_8.0.0.120\(c212\) |
| Huawei | Mate 10 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphVendor Advisory
FAQ
What is CVE-2017-17227?
CVE-2017-17227 is a vulnerability with a CVSS score of 7.8 (HIGH). GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C6...
How severe is CVE-2017-17227?
CVE-2017-17227 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-17227?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 10 Firmware, Huawei Mate 10.