CVE-2016-8774 Information

Description

The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386 versions before NXT-CL00C92B386 versions before NXT-DL00C17B386 versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368 Versions before CRR-CL20C92B368 Versions before CRR-TL00C01B368 Versions before CRR-UL00C00B368 Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366 Versions before GRA-CL00C92B366 Versions before GRA-CL10C92B366 Versions before GRA-UL00C00B366 Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190 Versions before EVA-DL10C00B190 Versions before EVA-TL10C00B190 Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code related to a buffer overflow.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-02-smartphone-en http://www.securityfocus.com/bid/94503

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.7