OpenCVE

Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Huawei	Honor 6 Honor 6 Firmware P9 P9 Firmware P9 Plus P9 Plus Firmware

Configuration 1 [-]

AND

cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:p9_plus_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:huawei:honor_6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en
http://www.securityfocus.com/bid/93530

History

No history.

MITRE

Status: PUBLISHED

Assigner: huawei

Published: 2017-04-02T20:00:00

Updated: 2024-08-06T02:35:00.190Z

Reserved: 2016-10-18T00:00:00

Link: CVE-2016-8759

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-04-02T20:59:01.173

Modified: 2024-11-21T03:00:00.440

Link: CVE-2016-8759

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1", "vendor": "n/a", "versions": [{"status": "affected", "version": "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1"}]}], "datePublic": "2017-03-27T00:00:00", "descriptions": [{"lang": "en", "value": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege."}], "problemTypes": [{"descriptions": [{"description": "stack overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-04-03T09:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"name": "93530", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93530"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2016-8759", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1", "version": {"version_data": [{"version_value": "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "stack overflow"}]}]}, "references": {"reference_data": [{"name": "93530", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93530"}, {"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:35:00.190Z"}, "title": "CVE Program Container", "references": [{"name": "93530", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93530"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2016-8759", "datePublished": "2017-04-02T20:00:00", "dateReserved": "2016-10-18T00:00:00", "dateUpdated": "2024-08-06T02:35:00.190Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FBF38FD-8B21-4A0E-BD4A-435DC908A2B3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p9_plus_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "272BDFFF-A203-43DB-8E21-9ACF2B17F8EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*", "matchCriteriaId": "8604D307-4355-4426-A043-F9AD507190D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C116913A-693F-40E3-A60E-329F9EF21774", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FE24C63-66F2-4647-B32D-ADA1EAC7F23E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege."}, {"lang": "es", "value": "El controlador de video en tel\u00e9fonos Huawei P9 con versiones de software anteriores a EVA-AL10C00B192 y tel\u00e9fonos Huawei Honor 6 con versiones de software anteriores a H60-L02_6.10.1 tiene una vulnerabilidad de desbordamiento de pila, lo que permite a atacantes bloquear el sistema o escalar el privilegio del usuario."}], "id": "CVE-2016-8759", "lastModified": "2024-11-21T03:00:00.440", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-02T20:59:01.173", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"}, {"source": "psirt@huawei.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93530"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93530"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}