Vulnerability Details CVE-2019-5305
The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 7.1
References
Products affected by CVE-2019-5305
-
cpe:2.3:h:huawei:mate_10:-
-
cpe:2.3:o:huawei:mate_10_firmware:-
-
cpe:2.3:o:huawei:mate_10_firmware:10.0.0.143(c00e143r2p4)
-
cpe:2.3:o:huawei:mate_10_firmware:10.0.0.189(c185e6r1p3)
-
cpe:2.3:o:huawei:mate_10_firmware:9.0.0.159(c432e4r1p9t8)
-
cpe:2.3:o:huawei:mate_10_firmware:9.0.0.159(c636e2r1p12t8)
-
cpe:2.3:o:huawei:mate_10_firmware:9.0.0.167(c00e85r2p20t8)
-
cpe:2.3:o:huawei:mate_10_firmware:9.0.0.177(c185e2r1p12t8)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-al00_8.0.0.120(sp2c00)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-al00_8.1.0.311
-
cpe:2.3:o:huawei:mate_10_firmware:alp-al00b_9.0.0.167(c00e85r2p20t8)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-al00b_9.0.0.181(c00e87r2p20t8)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.120(c212)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.127(c900)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.128(402)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.128(c02)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.128(c109)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.128(c346)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.128(c432)
-
cpe:2.3:o:huawei:mate_10_firmware:alp-l09_8.0.0.128(c652)