Wang Qize

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 3.x.x and 4.x.x before 4.18.0 **Description** The issue is related to a heap overflow flaw in the Marvell WiFi chip driver of the Linux kernel. This flaw allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code with root permissions, affecting the confidentiality and integrity of files on the system. **Recommendations** For Linux kernel versions 3.x.x and 4.x.x before 4.18.0, update to version 4.18.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Marvell WiFi chip driver to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.16 Description: The issue allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. This is due to a problem in the acpi smbus hc add function in drivers/acpi/sbshc.c. Recommendations: For Linux kernel versions prior to 4.14.16, update to version 4.14.16 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 **Description** The issue allows attackers to disable the PXN defense mechanism, potentially leading to system crashes or privilege escalation by invoking related drive code. **Recommendations** For versions earlier than 6.9.16, update to version 6.9.16 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B362 Huawei Mate S smartphones with software CRR-UL20 before CRR-UL20C00B362 Huawei Mate S smartphones with software CRR-CL00 before CRR-CL00C92B362 Huawei Mate S smartphones with software CRR-CL20 before CRR-CL20C92B362 P8 smartphones with software GRA-TL00 before GRA-TL00C01B366 P8 smartphones with software GRA-UL00 before GRA-UL00C00B366 P8 smartphones with software GRA-UL10 before GRA-UL10C00B366 P8 smartphones with software GRA-CL00 before GRA-CL00C92B366 Honor 6 and Honor 6 Plus smartphones with software before 6.9.16 **Description** The video driver in the affected smartphones allows attackers to cause a denial of service, resulting in a device reboot, via a crafted application. **Recommendations** For Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B362, update to CRR-TL00C01B362 or later. For Huawei Mate S smartphones with software CRR-UL20 before CRR-UL20C00B362, update to CRR-UL20C00B362 or later. For Huawei Mate S smartphones with software CRR-CL00 before CRR-CL00C92B362, update to CRR-CL00C92B362 or later. For Huawei Mate S smartphones with software CRR-CL20 before CRR-CL20C92B362, update to CRR-CL20C92B362 or later. For P8 smartphones with software GRA-TL00 before GRA-TL00C01B366, update to GRA-TL00C01B366 or later. For P8 smartphones with software GRA-UL00 before GRA-UL00C00B366, update to GRA-UL00C00B366 or later. For P8 smartphones with software GRA-UL10 before GRA-UL10C00B366, update to GRA-UL10C00B366 or later. For P8 smartphones with software GRA-CL00 before GRA-CL00C92B366, update to GRA-CL00C92B366 or later. For Honor 6 and Honor 6 Plus smartphones with software before 6.9.16, update to 6.9.16 or later.

**Name of the Vulnerable Software and Affected Versions** Huawei Mate 7 phones with software versions prior to MT7-UL00C17B354 Huawei Mate 7 phones with software versions prior to MT7-TL10C00B354 Huawei Mate 7 phones with software versions prior to MT7-TL00C01B354 Huawei Mate 7 phones with software versions prior to MT7-CL00C92B354 Huawei P8 phones with software versions prior to GRA-TL00C01B220SP01 Huawei P8 phones with software versions prior to GRA-CL00C92B220 Huawei P8 phones with software versions prior to GRA-CL10C92B220 Huawei P8 phones with software versions prior to GRA-UL00C00B220 Huawei P8 phones with software versions prior to GRA-UL10C00B220 **Description** A heap-based buffer overflow in the HIFI driver allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application. **Recommendations** For Huawei Mate 7 phones with software versions prior to MT7-UL00C17B354, update to version MT7-UL00C17B354 or later. For Huawei Mate 7 phones with software versions prior to MT7-TL10C00B354, update to version MT7-TL10C00B354 or later. For Huawei Mate 7 phones with software versions prior to MT7-TL00C01B354, update to version MT7-TL00C01B354 or later. For Huawei Mate 7 phones with software versions prior to MT7-CL00C92B354, update to version MT7-CL00C92B354 or later. For Huawei P8 phones with software versions prior to GRA-TL00C01B220SP01, update to version GRA-TL00C01B220SP01 or later. For Huawei P8 phones with software versions prior to GRA-CL00C92B220, update to version GRA-CL00C92B220 or later. For Huawei P8 phones with software versions prior to GRA-CL10C92B220, update to version GRA-CL10C92B220 or later. For Huawei P8 phones with software versions prior to GRA-UL00C00B220, update to version GRA-UL00C00B220 or later. For Huawei P8 phones with software versions prior to GRA-UL10C00B220, update to version GRA-UL10C00B220 or later.