CVE-2017-8203

The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:nova_2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nova_2:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:nova_2_plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nova_2_plus:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:33

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-smartphone-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-smartphone-en - Vendor Advisory
References () http://www.securityfocus.com/bid/101960 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/101960 - Third Party Advisory, VDB Entry

Information

Published : 2017-11-22 19:29

Updated : 2024-11-21 03:33


NVD link : CVE-2017-8203

Mitre link : CVE-2017-8203

CVE.ORG link : CVE-2017-8203


JSON object : View

Products Affected

huawei

  • nova_2_plus
  • nova_2
  • nova_2_plus_firmware
  • nova_2_firmware
CWE
CWE-416

Use After Free