CVE-2015-8319
https://notcve.org/view.php?id=CVE-2015-8319
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8318. Desbordamiento de buffer basado en memoria dinámica en el controlador HIFI en smartphones Huawei P8 con software GRA-TL00 en versiones anteriores a GRA-TL00C01B230, GRA-CL00 en versiones anteriores a GRA-CL00C92B230, GRA-CL10 en versiones anteriores a GRA-CL10C92B230, GRA-UL00 en versiones anteriores a GRA-UL00C00B230 y GRA-UL10 en versiones anteriores a GRA-UL10C00B230 y smartphones Mate S con software CRR-TL00 en versiones anteriores a CRR-TL00C01B160SP01, CRR-UL00 en versiones anteriores a CRR-UL00C00B160 y CRR-CL00 en versiones anteriores a CRR-CL00C92B161 permite a atacantes causar una denegación de servicio (caída de sistema) u obtener privilegios a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2015-8318. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160104-04-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-8088 – Huawei Mate 7 - '/dev/hifi_misc' Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-8088
Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application. Desbordamiento de buffer basado en memoria dinámica en el controlador HIFI en teléfonos Huawei Mate 7 con software MT7-UL00 en versiones anteriores a MT7-UL00C17B354, MT7-TL10 en versiones anteriores a MT7-TL10C00B354, MT7-TL00 en versiones anteriores a MT7-TL00C01B354 y MT7-CL00 en versiones anteriores a MT7-CL00C92B354 y teléfonos P8 con software GRA-TL00 en versiones anteriores a GRA-TL00C01B220SP01, GRA-CL00 en versiones anteriores a GRA-CL00C92B220, GRA-CL10 en versiones anteriores a GRA-CL10C92B220, GRA-UL00 en versiones anteriores a GRA-UL00C00B220 y GRA-UL10 en versiones anteriores a GRA-UL10C00B220 permite atacantes causar una denegación de servicio (reinicio) o ejecutar código arbitrario a través de una aplicación manipulada. • https://www.exploit-db.com/exploits/44306 https://github.com/Pray3r/CVE-2015-8088 http://www.huawei.com/en/psirt/security-advisories/hw-460347 http://www.securityfocus.com/bid/77560 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-8337
https://notcve.org/view.php?id=CVE-2015-8337
The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, GRA-UL10 before GRA-UL10C00B220 and Mate7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 allows remote attackers to cause a denial of service (invalid memory access and reboot) via unspecified vectors related to "input null pointer as parameter." El controlador HIFI en teléfonos Huawei P8 con software GRA-TL00 en versiones anteriores a GRA-TL00C01B220SP01, GRA-CL00 en versiones anteriores a GRA-CL00C92B220, GRA-CL10 en versiones anteriores a GRA-CL10C92B220, GRA-UL00 en versiones anteriores a GRA-UL00C00B220, GRA-UL10 en versiones anteriores a GRA-UL10C00B220 y teléfono Mate7 con software MT7-UL00 en versiones anteriores a MT7-UL00C17B354, MT7-TL10 en versiones anteriores a MT7-TL10C00B354, MT7-TL00 en versiones anteriores a MT7-TL00C01B354 y MT7-CL00 en versiones anteriores a MT7-CL00C92B354 permite a atacantes remotos causar una denegación de servicio (acceso de memoria no válido y reinicio) a través de vectores no especificados relacionados con "entrada de puntero nulo como parámetro." • http://www.huawei.com/en/psirt/security-advisories/hw-465304 http://www.securityfocus.com/bid/80357 •