Vulnerability Details CVE-2017-17173
Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory resource. Successful exploit may result in phone crash or arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
Products affected by CVE-2017-17173
-
cpe:2.3:h:huawei:mate_9_pro:-
-
cpe:2.3:o:huawei:mate_9_pro_fimware:-
-
cpe:2.3:o:huawei:mate_9_pro_fimware:lon-al00b_8.0.0.334(c00)
-
cpe:2.3:o:huawei:mate_9_pro_fimware:lon-al00b_8.0.0.340a(c00)