Vulnerability Description
The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Gt3 Firmware | <= nmo-l31c432b120 |
| Huawei | Gt3 | - |
| Huawei | Honor 5C Firmware | <= nem-l51c432b120 |
| Huawei | Honor 5C | - |
| Huawei | Knt Firmware | <= knt-al10c746b160 |
| Huawei | Knt | - |
| Huawei | P9 Lite Firmware | <= vns-l21c185b142 |
| Huawei | P9 Lite | - |
| Huawei | Y6Ii Firmware | <= cam-l21c10b130 |
| Huawei | Y6Ii | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphVendor Advisory
FAQ
What is CVE-2017-2697?
CVE-2017-2697 is a vulnerability with a CVSS score of 7.8 (HIGH). The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier...
How severe is CVE-2017-2697?
CVE-2017-2697 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2697?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Gt3 Firmware, Huawei Gt3, Huawei Honor 5C Firmware, Huawei Honor 5C, Huawei Knt Firmware.