CVE-2017-8204

Name of the Vulnerable Software and Affected Versions Honor 9 Huawei smart phones versions earlier than Stanford-AL10C00B175

Description The issue is caused by a buffer overflow vulnerability in the Bastet driver due to the lack of parameter validation. An attacker can trick a user into installing a malicious APP with root privilege, which can then send a specific parameter to the driver, causing arbitrary code execution.

Recommendations For versions earlier than Stanford-AL10C00B175, consider restricting the installation of apps to only trusted sources and avoid granting root privileges to unverified applications until a fix is available. As a temporary workaround, restrict access to the Bastet driver to minimize the risk of exploitation.