CVE-2017-8159 - OpenCVE

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Agassi-l09hn Kobe-l09ahn Kobe-w09chn Firmware Agassi-w09hn Firmware Kobe-w09chn Agassi-l09hn Firmware Kobe-l09ahn Firmware Agassi-w09hn

Configuration 1 [-]

AND

cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019:*:*:*:*:*:*:*

cpe:2.3:h:huawei:agassi-l09hn:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019:*:*:*:*:*:*:*

cpe:2.3:h:huawei:agassi-w09hn:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017:*:*:*:*:*:*:*

cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012:*:*:*:*:*:*:*

cpe:2.3:h:huawei:kobe-w09chn:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2017-11-15T00:00:00

Updated: 2017-11-22T18:57:01

Reserved: 2017-04-25T00:00:00

Link: CVE-2017-8159

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-11-22T19:29:03.677

Modified: 2017-12-12T17:40:56.607

Link: CVE-2017-8159

JSON object: View

Redhat Information

No data.

CWE

CWE-704

{"containers": {"cna": {"affected": [{"product": "Agassi-L09HN,Agassi-W09HN,Kobe-L09AHN,Kobe-W09CHN,", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012"}]}], "datePublic": "2017-11-15T00:00:00", "descriptions": [{"lang": "en", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution."}], "problemTypes": [{"descriptions": [{"description": "Type Confusion", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-22T18:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "DATE_PUBLIC": "2017-11-15T00:00:00", "ID": "CVE-2017-8159", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Agassi-L09HN,Agassi-W09HN,Kobe-L09AHN,Kobe-W09CHN,", "version": {"version_data": [{"version_value": "AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Type Confusion"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en"}]}}}}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-8159", "datePublished": "2017-11-15T00:00:00", "dateReserved": "2017-04-25T00:00:00", "dateUpdated": "2017-11-22T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019:*:*:*:*:*:*:*", "matchCriteriaId": "9C80E3F6-CAAB-4E42-A263-C3B133040FE9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:agassi-l09hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "3498A696-E831-453C-ABCE-77A9908E96F6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019:*:*:*:*:*:*:*", "matchCriteriaId": "AE8DE54A-E45A-4676-BD89-28C36DA471C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:agassi-w09hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF342830-41FF-4E16-9090-2AB68DD822A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017:*:*:*:*:*:*:*", "matchCriteriaId": "24DE753F-E19D-4F36-93E6-DFBD5BC9EF31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*", "matchCriteriaId": "58C4B423-90C0-4A6E-A246-1A8BB7282AC8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012:*:*:*:*:*:*:*", "matchCriteriaId": "643CA10D-515D-4D24-A1A5-D31DEA91D05C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:kobe-w09chn:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9CAF9F7-A010-4349-BC8B-B3D6D37C3460", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution."}, {"lang": "es", "value": "Algunos smartphones Huawei con software AGS-L09C233B019, AGS-W09C233B019, KOB-L09C233B017 o KOB-W09C233B012 tienen una vulnerabilidad de confusi\u00f3n de tipos. El programa inicializa una variable utilizando un tipo, pero luego accede a esa variable utilizando un tipo diferente del original cuando realiza determinadas operaciones de registro. Un exploit exitoso podr\u00eda resultar en un desbordamiento de b\u00fafer que podr\u00eda causar la ejecuci\u00f3n de c\u00f3digo malicioso."}], "id": "CVE-2017-8159", "lastModified": "2017-12-12T17:40:56.607", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-22T19:29:03.677", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-704"}], "source": "nvd@nist.gov", "type": "Primary"}]}