CVE-2017-8202

Summary

The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.Prague-AL00A,Prague-AL00B,Prague-AL00C,Prague-TL00A,Prague-TL10AVersions earlier than Prague-AL00AC00B205,Versions earlier than Prague-AL00BC00B205,Versions earlier than Prague-AL00CC00B205,Versions earlier than Prague-TL00AC01B205,Versions earlier than Prague-TL10AC01B205affected

Weaknesses

  • buffer overflow

ADP Enrichment

CVE Program Container

Additional References

References