Huawei Smart Phones CVE-2017-8205 Integer Overflow Vulnerability
Description: The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution.
Impact: Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URL’s:
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-en
- http://www.securityfocus.com/bid/101963/info
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8205
Recommended Posts
Press release April 2023: Situational Security Alerts from CIRT
21 Apr 2023 - Articles, English articles, News, Notice, Security Advisories & Alerts

Security Best Practices
29 Mar 2023 - Security Advisories & Alerts