CVE-2017-17320 Information

Description

Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D LON-AL00BC00B229 LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application successful exploit could result in malicious code execution.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-02-smartphone-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8