CVE-2017-8205

Name of the Vulnerable Software and Affected Versions Honor 9 Huawei smart phones versions earlier than Stanford-AL10C00B175

Description The issue is caused by an integer overflow vulnerability in the Bastet driver due to the lack of parameter validation. An attacker can trick a user into installing a malicious APP with root privilege, which can then send a specific parameter to the driver, potentially leading to arbitrary code execution.

Recommendations For versions earlier than Stanford-AL10C00B175, consider restricting the installation of apps to only those from trusted sources and avoiding granting root privileges to untrusted applications until a fix is available.