CVE-2016-8774

CVE	CVE-2016-8774
State	PUBLISHED
Assigner	huawei
Source Priority	CVE Program / NVD first with legacy fallback
Published	2017-04-02 20:59:01 UTC
Updated	2025-04-20 01:37:25 UTC
Description	The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow.

Primary CVSS: v3.0 6.7 MEDIUM from [email protected]

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem Types: CWE-119 | buffer overflow

Version	Source	Type	Score	Severity	Vector
3.0	[email protected]	Primary	6.7	MEDIUM	`CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H`
2.0	[email protected]	Primary	7.2		`AV:L/AC:L/Au:N/C:C/I:C/A:C`

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Access Vector

Local

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Huawei	Mate 8	-	All	All	All
Operating System	Huawei	Mate 8 Firmware	-	All	All	All
Hardware	Huawei	Mate S	-	All	All	All
Operating System	Huawei	Mate S Firmware	-	All	All	All
Hardware	Huawei	P8	-	All	All	All
Operating System	Huawei	P8 Firmware	-	All	All	All
Hardware	Huawei	P9	-	All	All	All
Operating System	Huawei	P9 Firmware	-	All	All	All

Source	Vendor	Product	Version	Platforms
CNA	Na	Mate 8Mate SP8P9 Versions Before NXT-AL10C00B386Versions Before NXT-CL00C92B386Versions Before NXT-DL00C17B386Versions Before NXT-TL00C01B386Versions Before CRR-CL00C92B368Versions Before CRR-CL20C92B368Versions Before CRR-TL00C01B368Versions Before CRR-UL00C00B368Versions Before CRR-UL20C00B368Versions Before GRA-TL00C01B366Versions Before GRA-CL00C92B366Versions Before GRA-CL10C92B366Versions Before GRA-UL00C00B366Versions Before GRA-UL10C00B366Versions Before EVA-AL10C00B190Versions Before EVA-DL10C00B190Versions Before EVA-TL10C00B190Versions Before EVA-CL10C00B190	affected Mate 8,Mate S,P8,P9 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366,Versions before EVA-AL10C00B190,Versions before EVA-DL10C00B190,Versions before EVA-TL10C00B190,Versions before EVA-CL10C00B190,	Not specified

Reference	Source	Link	Tags
Security Advisory - Buffer Overflow Vulnerability in HIFI Driver of Huawei Smart Phone	af854a3a-2127-422b-91ae-364da2661108	www.huawei.com	Vendor Advisory
Multiple Huawei Products CVE-2016-8774 Local Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com	Third Party Advisory, VDB Entry
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.