The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.
Advisories
Source ID Title
EUVD EUVD EUVD-2017-6781 The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2024-09-17T04:14:18.256Z

Reserved: 2017-10-14T00:00:00

Link: CVE-2017-15325

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-23T16:29:00.130

Modified: 2024-11-21T03:14:28.067

Link: CVE-2017-15325

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.