HIGH🇬🇧 English

CVE-2017-8141

CVSS 7.8v3.0pub. 2017-11-22upd. 2026-05-13

The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android system tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific memory, which could triggers double free and causes a system crash or arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Huawei P10 Plus

    HW
    Huawei
    wszystkie wersje
  • Huawei P10 Plus Firmware

    OS
    Huawei
    < vky-al00c00b153
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2017-8150HIGH7.8ten sam produkt

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B...

CVE-2017-2726HIGH8.4ten sam produkt

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-...

CVE-2017-2725HIGH7.8ten sam produkt

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-...

CVE-2017-2724HIGH8.4ten sam produkt

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-...

CVE-2020-1872MEDIUM4.6ten sam produkt

Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E...