Note:
This project will be discontinued after December 13, 2021. [more]
Product:
P9_plus_firmware
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 9 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-11-22 | CVE-2017-8140 | The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific memory, which could triggers double free and causes a system crash or arbitrary code execution. | P9_plus_firmware | 7.8 | ||
| 2017-11-22 | CVE-2017-2734 | P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the application can send given parameter to specific interface, which make a large number of memory allocation and the smart phone will be crash for memory exhaustion. | P9_plus_firmware | 5.5 | ||
| 2017-11-22 | CVE-2017-2731 | The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone vibrator service interface to crash the system. | P9_plus_firmware | 5.5 | ||
| 2017-11-22 | CVE-2017-2711 | P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system. | P9_plus_firmware | 5.5 | ||
| 2018-06-01 | CVE-2017-17171 | Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart. | Mate_8_firmware, P9_firmware, P9_plus_firmware | 4.2 | ||
| 2018-03-09 | CVE-2016-8783 | Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to touchscreen drive to crash the system or escalate privilege. | Honor_6_firmware, P9_plus_firmware | 7.8 | ||
| 2017-04-02 | CVE-2016-8761 | Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | Honor_6_firmware, P9_firmware, P9_plus_firmware | 7.8 | ||
| 2017-04-02 | CVE-2016-8760 | Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | Honor_6_firmware, P9_firmware, P9_plus_firmware | 7.8 | ||
| 2017-04-02 | CVE-2016-8759 | Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | Honor_6_firmware, P9_firmware, P9_plus_firmware | 7.8 |