CVE-2017-17173

Summary

Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory resource. Successful exploit may result in phone crash or arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.Mate 9 ProThe versions before LON-AL00B 8.0.0.356(C00)affected

Weaknesses

  • arbitrary memory free

ADP Enrichment

CVE Program Container

Additional References

References