CVE-2017-15311

Name of the Vulnerable Software and Affected Versions Huawei Mate 10 versions before 8.0.0.120(SP2C00) Huawei Mate 10 Pro versions before 8.0.0.120(SP2C00) Huawei Mate 9 versions before 8.0.0.334(C00) Huawei Mate 9 Pro versions before 8.0.0.334(C00)

Description The baseband modules of the affected Huawei smart phones have a stack overflow issue due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range using a special wireless device, leading to a stack overflow when the baseband module handles these packets. This could allow the attacker to perform a denial of service attack or achieve remote code execution in the baseband module.

Recommendations For Huawei Mate 10 versions before 8.0.0.120(SP2C00), update to version 8.0.0.120(SP2C00) or later. For Huawei Mate 10 Pro versions before 8.0.0.120(SP2C00), update to version 8.0.0.120(SP2C00) or later. For Huawei Mate 9 versions before 8.0.0.334(C00), update to version 8.0.0.334(C00) or later. For Huawei Mate 9 Pro versions before 8.0.0.334(C00), update to version 8.0.0.334(C00) or later.