CVE-2017-8142

Name of the Vulnerable Software and Affected Versions Huawei Mate 9 versions prior to MHA-AL00BC00B221 Huawei Mate 9 Pro versions prior to LON-AL00BC00B221

Description The issue is related to a use after free (UAF) vulnerability in the Trusted Execution Environment (TEE) module driver. An attacker can exploit this by tricking a user into installing a malicious application. This application can create multiple threads and attempt to allocate and free specific memory, potentially triggering access to memory after it has been freed. This could lead to a system crash or allow for arbitrary code execution.

Recommendations For Huawei Mate 9 versions prior to MHA-AL00BC00B221, update to version MHA-AL00BC00B221 or later. For Huawei Mate 9 Pro versions prior to LON-AL00BC00B221, update to version LON-AL00BC00B221 or later.