Pan Yu

**Name of the Vulnerable Software and Affected Versions** Huawei H60 (Honor 6) versions earlier than H60-L02 6.12.16 Huawei P9 Plus versions earlier than VIE-AL10BC00B356 **Description** The issue is related to a stack overflow in the touchscreen drive. An attacker can exploit this by tricking a user into installing a malicious application on the smartphone and sending a specific parameter to the touchscreen drive, which can cause the system to crash or escalate privileges. **Recommendations** For Huawei H60 (Honor 6) versions earlier than H60-L02 6.12.16, update to version H60-L02 6.12.16 or later. For Huawei P9 Plus versions earlier than VIE-AL10BC00B356, update to version VIE-AL10BC00B356 or later.

**Name of the Vulnerable Software and Affected Versions** Huawei P9 phones versions prior to EVA-AL10C00B192 Huawei Honor 6 phones versions prior to H60-L02 6.10.1 **Description** The touchscreen driver has a heap overflow issue, allowing attackers to crash the system or escalate user privileges. **Recommendations** For Huawei P9 phones versions prior to EVA-AL10C00B192, update to version EVA-AL10C00B192 or later to resolve the issue. For Huawei Honor 6 phones versions prior to H60-L02 6.10.1, update to version H60-L02 6.10.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 **Description** The issue allows attackers to disable the PXN defense mechanism, potentially leading to system crashes or privilege escalation by invoking related drive code. **Recommendations** For versions earlier than 6.9.16, update to version 6.9.16 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Huawei Mate 7 phones with software versions prior to MT7-UL00C17B354 Huawei Mate 7 phones with software versions prior to MT7-TL10C00B354 Huawei Mate 7 phones with software versions prior to MT7-TL00C01B354 Huawei Mate 7 phones with software versions prior to MT7-CL00C92B354 Huawei P8 phones with software versions prior to GRA-TL00C01B220SP01 Huawei P8 phones with software versions prior to GRA-CL00C92B220 Huawei P8 phones with software versions prior to GRA-CL10C92B220 Huawei P8 phones with software versions prior to GRA-UL00C00B220 Huawei P8 phones with software versions prior to GRA-UL10C00B220 **Description** A heap-based buffer overflow in the HIFI driver allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application. **Recommendations** For Huawei Mate 7 phones with software versions prior to MT7-UL00C17B354, update to version MT7-UL00C17B354 or later. For Huawei Mate 7 phones with software versions prior to MT7-TL10C00B354, update to version MT7-TL10C00B354 or later. For Huawei Mate 7 phones with software versions prior to MT7-TL00C01B354, update to version MT7-TL00C01B354 or later. For Huawei Mate 7 phones with software versions prior to MT7-CL00C92B354, update to version MT7-CL00C92B354 or later. For Huawei P8 phones with software versions prior to GRA-TL00C01B220SP01, update to version GRA-TL00C01B220SP01 or later. For Huawei P8 phones with software versions prior to GRA-CL00C92B220, update to version GRA-CL00C92B220 or later. For Huawei P8 phones with software versions prior to GRA-CL10C92B220, update to version GRA-CL10C92B220 or later. For Huawei P8 phones with software versions prior to GRA-UL00C00B220, update to version GRA-UL00C00B220 or later. For Huawei P8 phones with software versions prior to GRA-UL10C00B220, update to version GRA-UL10C00B220 or later.