CVE-2017-8202

Name of the Vulnerable Software and Affected Versions Huawei smart phones with software versions earlier than Prague-AL00AC00B205 Huawei smart phones with software versions earlier than Prague-AL00BC00B205 Huawei smart phones with software versions earlier than Prague-AL00CC00B205 Huawei smart phones with software versions earlier than Prague-TL00AC01B205 Huawei smart phones with software versions earlier than Prague-TL10AC01B205

Description The issue is caused by a buffer overflow vulnerability in the CameraISP driver due to the lack of parameter validation. An attacker can trick a user into installing a malicious APP, which can send a specific parameter to the CameraISP driver, causing a system reboot.

Recommendations For versions earlier than Prague-AL00AC00B205, update to a version Prague-AL00AC00B205 or later. For versions earlier than Prague-AL00BC00B205, update to a version Prague-AL00BC00B205 or later. For versions earlier than Prague-AL00CC00B205, update to a version Prague-AL00CC00B205 or later. For versions earlier than Prague-TL00AC01B205, update to a version Prague-TL00AC01B205 or later. For versions earlier than Prague-TL10AC01B205, update to a version Prague-TL10AC01B205 or later.