PT-2017-15516 · Huawei · Honor 5A

Published

2017-11-22

Updated

2017-12-11

CVE-2017-2729

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Honor 5A smart phones with software versions earlier than CAM-TL00C01B193 Honor 5A smart phones with software versions earlier than CAM-TL00HC00B193 Honor 5A smart phones with software versions earlier than CAM-UL00C00B193

Description The boot loaders in Honor 5A smart phones have a buffer overflow issue. An attacker with root privilege of an Android system can trick a user into installing a malicious APP, which can modify specific data to cause buffer overflow in the next system reboot. This can lead to continuous system reboot or arbitrary code execution.

Recommendations For versions earlier than CAM-TL00C01B193, update to version CAM-TL00C01B193 or later. For versions earlier than CAM-TL00HC00B193, update to version CAM-TL00HC00B193 or later. For versions earlier than CAM-UL00C00B193, update to version CAM-UL00C00B193 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-2729

Affected Products

Honor 5A

PT-2017-15516 · Huawei · Honor 5A

CVE-2017-2729

Weakness Enumeration

Related Identifiers

Affected Products

References · 4