CVE-2017-17227 - OpenCVE

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Mate 10 Firmware Mate 10

Configuration 1 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2018-03-09T17:00:00

Updated: 2018-03-09T16:57:01

Reserved: 2017-12-04T00:00:00

Link: CVE-2017-17227

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-03-09T17:29:01.500

Modified: 2018-03-26T18:05:58.757

Link: CVE-2017-17227

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Mate 10", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "The versions before ALP-L09 8.0.0.120(C212)"}, {"status": "affected", "version": "The versions before ALP-L09 8.0.0.127(C900)"}, {"status": "affected", "version": "The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652)"}]}], "datePublic": "2018-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "input parameters validation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-09T16:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2017-17227", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Mate 10", "version": {"version_data": [{"version_value": "The versions before ALP-L09 8.0.0.120(C212)"}, {"version_value": "The versions before ALP-L09 8.0.0.127(C900)"}, {"version_value": "The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652)"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "input parameters validation"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en"}]}}}}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-17227", "datePublished": "2018-03-09T17:00:00", "dateReserved": "2017-12-04T00:00:00", "dateUpdated": "2018-03-09T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9C32EE8-78A0-4766-8DCC-4D2EDAFF1751", "versionEndExcluding": "alp-l09_8.0.0.120\\(c212\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "76397448-23A4-4182-ADE1-A537ABE5AFC3", "versionEndExcluding": "alp-l09_8.0.0.127\\(c900\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8253F411-9C04-471A-BBFB-CA05FE351B17", "versionEndExcluding": "alp-l09_8.0.0.128\\(402\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "522E227F-F78E-48A8-B397-3E90405906F8", "versionEndExcluding": "alp-l09_8.0.0.128\\(c02\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "83D5D1AB-85A9-4370-8264-202E3C95705F", "versionEndExcluding": "alp-l09_8.0.0.128\\(c109\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B240EC7-A97B-4483-BCA9-3C795544095B", "versionEndExcluding": "alp-l09_8.0.0.128\\(c346\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC12F50A-34FE-4A5F-9254-42913E936F66", "versionEndExcluding": "alp-l09_8.0.0.128\\(c432\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F07C467-F3E2-442D-B559-525D3652AE40", "versionEndExcluding": "alp-l09_8.0.0.128\\(c652\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "394490F2-5E47-4A28-A71C-075DBBA34C9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution."}, {"lang": "es", "value": "El controlador de la GPU en smartphones Huawei Mate 10, en versiones anteriores a la ALP-L09 8.0.0.120(C212); ALP-L09 8.0.0.127(C900) y ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) tiene una vulnerabilidad de acceso a la memoria fuera de l\u00edmites debido a la validaci\u00f3n de par\u00e1metros de entrada. Un atacante podr\u00eda enga\u00f1ar a un usuario para que instale una aplicaci\u00f3n maliciosa en el smartphone que pueda llamar al controlador con un par\u00e1metro especial y provocar un acceso a la memoria fuera de l\u00edmites. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda desembocar en el cierre inesperado del tel\u00e9fono o en la ejecuci\u00f3n arbitraria de c\u00f3digo."}], "id": "CVE-2017-17227", "lastModified": "2018-03-26T18:05:58.757", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-09T17:29:01.500", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}