Vulnerability Description
The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Honor 5A Firmware | < cam-tl00c01b193 |
| Huawei | Honor 5A | - |
| Huawei | P8 Lite Firmware | < ale-l02c635b568 |
| Huawei | P8 Lite | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170302-01-smartphVendor Advisory
- http://www.securityfocus.com/bid/96526Third Party AdvisoryVDB Entry
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170302-01-smartphVendor Advisory
- http://www.securityfocus.com/bid/96526Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-2729?
CVE-2017-2729 is a vulnerability with a CVSS score of 7.8 (HIGH). The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulner...
How severe is CVE-2017-2729?
CVE-2017-2729 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2729?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor 5A Firmware, Huawei Honor 5A, Huawei P8 Lite Firmware, Huawei P8 Lite.