CVE-2017-17227

Name of the Vulnerable Software and Affected Versions: Huawei Mate 10 smart phones versions before ALP-L09 8.0.0.120(C212) Huawei Mate 10 smart phones versions before ALP-L09 8.0.0.127(C900) Huawei Mate 10 smart phones versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652)

Description: The issue is related to an out-of-bounds memory access due to insufficient validation of input parameters in the GPU driver. An attacker can exploit this by tricking a user into installing a malicious application, which can then call the driver with specially crafted parameters to cause out-of-bounds memory access. This may result in a phone crash or potentially allow for arbitrary code execution.

Recommendations: For versions before ALP-L09 8.0.0.120(C212), update to a version after ALP-L09 8.0.0.120(C212) to resolve the issue. For versions before ALP-L09 8.0.0.127(C900), update to a version after ALP-L09 8.0.0.127(C900) to resolve the issue. For versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652), update to a version after ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) to resolve the issue.