CVE-2017-2697

Summary

CVE	CVE-2017-2697
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2017-11-22 19:29:00 UTC
Updated	2017-12-12 18:14:00 UTC
Description	The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.

Risk And Classification

Problem Types: CWE-119

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Huawei	Gt3	-	All	All	All
Hardware	Huawei	Gt3	-	All	All	All
Operating System	Huawei	Gt3 Firmware	All	All	All	All
Hardware	Huawei	Honor 5c	-	All	All	All
Hardware	Huawei	Honor 5c	-	All	All	All
Operating System	Huawei	Honor 5c Firmware	All	All	All	All
Hardware	Huawei	Knt	-	All	All	All
Hardware	Huawei	Knt	-	All	All	All
Operating System	Huawei	Knt Firmware	All	All	All	All
Hardware	Huawei	P9 Lite	-	All	All	All
Hardware	Huawei	P9 Lite	-	All	All	All
Operating System	Huawei	P9 Lite Firmware	All	All	All	All
Hardware	Huawei	Y6ii	-	All	All	All
Hardware	Huawei	Y6ii	-	All	All	All
Operating System	Huawei	Y6ii Firmware	All	All	All	All
Operating System	Huawei	Y6ii Firmware	All	All	All	All

References

Reference	Source	Link	Tags
Security Advisory - Buffer Overflow Vulnerability in Goldeneye Driver of Huawei Smart Phones	CONFIRM	www.huawei.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.