CVE-2015-8682 Information

Description

The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350 GRA-UL10 before GRA-UL10C00B350 GRA-TL00 before GRA-TL00C01B350 GRA-CL00 before GRA-CL00C92B350 and GRA-CL10 before GRA-CL10C92B350 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01 CRR-UL00 before CRR-UL00C00B160 and CRR-CL00 before CRR-CL00C92B161 allows attackers to obtain sensitive information from stack memory or cause a denial of service (system crash) via a crafted application which triggers an invalid memory access.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160130-01-smartphone-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.1