← voltar
CVE-2017-8140

CVE-2017-8140

EPSS 1.0%
The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific memory, which could triggers double free and causes a system crash or arbitrary code execution.
Produtos afetados
Huawei Technologies Co., Ltd. · P9 Plus

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170605-01-smartphone-en