CVE-2017-8170

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone, causing the smartphone restart or arbitrary code execution.

Date published : 2017-11-22

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-overflow-en