CVE-2017-8205 - OpenCVE

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Honor 9 Firmware Honor 9

Configuration 1 [-]

AND

cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-en	Vendor Advisory
http://www.securityfocus.com/bid/101963	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2017-11-15T00:00:00

Updated: 2017-11-28T10:57:01

Reserved: 2017-04-25T00:00:00

Link: CVE-2017-8205

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-11-22T19:29:05.193

Modified: 2017-12-11T18:57:31.593

Link: CVE-2017-8205

JSON object: View

Redhat Information

No data.

CWE

CWE-190

{"containers": {"cna": {"affected": [{"product": "Honor 9", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "Versions earlier than Stanford-AL10C00B175"}]}], "datePublic": "2017-11-15T00:00:00", "descriptions": [{"lang": "en", "value": "The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "integer overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-28T10:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"name": "101963", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101963"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "DATE_PUBLIC": "2017-11-15T00:00:00", "ID": "CVE-2017-8205", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Honor 9", "version": {"version_data": [{"version_value": "Versions earlier than Stanford-AL10C00B175"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "integer overflow"}]}]}, "references": {"reference_data": [{"name": "101963", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101963"}, {"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-en"}]}}}}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-8205", "datePublished": "2017-11-15T00:00:00", "dateReserved": "2017-04-25T00:00:00", "dateUpdated": "2017-11-28T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "09F80677-BA85-4301-AAE6-661E66EFF359", "versionEndExcluding": "stanford-al10c00b175", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*", "matchCriteriaId": "804A493E-A0C3-41F7-AB1C-AE58F7473C26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution."}, {"lang": "es", "value": "El controlador Bastet de los smartphones Huawei Honor 9 con versiones de software anteriores a Stanford-AL10C00B175 tiene una vulnerabilidad de desbordamiento de enteros debido a la falta de validaci\u00f3n de par\u00e1metros. Un atacante puede enga\u00f1ar a un usuario para que instale una app maliciosa que tiene privilegios root. La app podr\u00eda enviar un par\u00e1metro espec\u00edfico al controlador del smartphone, provocando la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2017-8205", "lastModified": "2017-12-11T18:57:31.593", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-22T19:29:05.193", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-en"}, {"source": "psirt@huawei.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101963"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}