CVE-2020-9239

Name of the Vulnerable Software and Affected Versions Huawei smartphones BLA-A09 versions 8.0.0.123(C212) through 8.0.0.123(C797) Huawei smartphones BLA-TL00B versions earlier than 8.1.0.326(C01) Huawei smartphones Berkeley-L09 versions earlier than 8.0.0.172(C10) Huawei smartphones Duke-L09 versions Duke-L09C10B187 through Duke-L09C636B189 HUAWEI P20 versions earlier than 8.0.1.16(C00) HUAWEI P20 Pro versions earlier than 8.1.0.152(C00) Huawei smartphones Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172 Huawei smartphones LON-L29D version LON-L29DC721B192 Huawei smartphones NEO-AL00D versions earlier than 8.1.0.172(C786) Huawei smartphones Stanford-AL00 version Stanford-AL00C00B123 Huawei smartphones Toronto-AL00 versions earlier than Toronto-AL00AC00B225 Huawei smartphones Toronto-TL10 versions earlier than Toronto-TL10C01B225

Description A module in the affected Huawei smartphones has a design error due to a lack of control of input, resulting in an information vulnerability. This allows attackers to exploit the issue.

Recommendations For BLA-A09 versions 8.0.0.123(C212) through 8.0.0.123(C797), update to a version later than 8.0.0.123(C797). For BLA-TL00B versions earlier than 8.1.0.326(C01), update to version 8.1.0.326(C01) or later. For Berkeley-L09 versions earlier than 8.0.0.172(C10), update to version 8.0.0.172(C10) or later. For Duke-L09 versions Duke-L09C10B187 through Duke-L09C636B189, update to a version later than Duke-L09C636B189. For HUAWEI P20 versions earlier than 8.0.1.16(C00), update to version 8.0.1.16(C00) or later. For HUAWEI P20 Pro versions earlier than 8.1.0.152(C00), update to version 8.1.0.152(C00) or later. For Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172, update to version Jimmy-AL00AC00B172 or later. For LON-L29D version LON-L29DC721B192, update to a version later than LON-L29DC721B192. For NEO-AL00D versions earlier than 8.1.0.172(C786), update to version 8.1.0.172(C786) or later. For Stanford-AL00 version Stanford-AL00C00B123, update to a version later than Stanford-AL00C00B123. For Toronto-AL00 versions earlier than Toronto-AL00AC00B225, update to version Toronto-AL00AC00B225 or later. For Toronto-TL10 versions earlier than Toronto-TL10C01B225, update to version Toronto-TL10C01B225 or later.