PT-2019-17556 · Huawei · Bastet
Publicado
2019-11-13
·
Atualizado
2019-11-15
·
CVE-2019-5282
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Bastet module of some Huawei smartphones versions earlier than 9.0.0.182(C00E82R1P21)
Bastet module of some Huawei smartphones versions earlier than 9.0.0.182(C01E82R1P21)
Bastet module of some Huawei smartphones versions earlier than 9.0.0.203(C432E7R1P11)
Bastet module of some Huawei smartphones versions earlier than 9.0.0.202(C185E2R1P12)
Description
The issue is related to a double free vulnerability. An attacker could trick a user into installing a malicious application, which would free the same memory address twice. This could result in malicious code execution.
Recommendations
For versions earlier than 9.0.0.182(C00E82R1P21), update to a version later than 9.0.0.182(C00E82R1P21).
For versions earlier than 9.0.0.182(C01E82R1P21), update to a version later than 9.0.0.182(C01E82R1P21).
For versions earlier than 9.0.0.203(C432E7R1P11), update to a version later than 9.0.0.203(C432E7R1P11).
For versions earlier than 9.0.0.202(C185E2R1P12), update to a version later than 9.0.0.202(C185E2R1P12).
Correção
Double Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bastet