CVE-2017-17324
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulnerability. The camera driver does not validate the external input parameters and causes an integer overflow, which in the after processing results in a buffer overflow. An attacker tricks the user to install a crafted application, successful exploit could cause malicious code execution.
Los smartphones Huawei Mate 9 Pro con software LON-AL00BC00B139D y LON-AL00BC00B229 tienen una vulnerabilidad de desbordamiento de enteros. El controlador de la cámara no valida los parámetros de entradas externas y provoca un desbordamiento de enteros, que tras el posprocesado resulta en un desbordamiento de búfer. Un atacante engaña al usuario para que instale una aplicación maliciosa, por lo que la explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código malicioso.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-04 CVE Reserved
- 2018-03-09 CVE Published
- 2024-08-05 CVE Updated
- 2024-11-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180124-01-smartphone-en | 2018-03-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Huawei Search vendor "Huawei" | Mate 9 Pro Firmware Search vendor "Huawei" for product "Mate 9 Pro Firmware" | lon-al00bc00b139d Search vendor "Huawei" for product "Mate 9 Pro Firmware" and version "lon-al00bc00b139d" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 9 Pro Search vendor "Huawei" for product "Mate 9 Pro" | - | - |
Safe
|
Huawei Search vendor "Huawei" | Mate 9 Pro Firmware Search vendor "Huawei" for product "Mate 9 Pro Firmware" | lon-al00bc00b229 Search vendor "Huawei" for product "Mate 9 Pro Firmware" and version "lon-al00bc00b229" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 9 Pro Search vendor "Huawei" for product "Mate 9 Pro" | - | - |
Safe
|