CVE-2017-2697— 多款Huawei产品goldeneye驱动程序缓冲区错误漏洞

N/A

The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.

N/A

N/A

多款Huawei产品goldeneye驱动程序缓冲区错误漏洞

Huawei GT3等都是中国华为（Huawei）公司的智能手机产品。goldeneye driver是其中运行在其中的一个goldeneye驱动程序。 多款Huawei产品中的goldeneye驱动程序存在缓冲区溢出漏洞，该漏洞源于缺少参数检查。已经获取安卓系统root权限的攻击者可通过诱使用户安装恶意应用程序利用该漏洞向手机发送特定参数，造成拒绝服务（系统重启）或提升权限。以下产品和版本受到影响：Huawei GT3 NMO-L31C432B120及之前的版本；Honor 5C NEM-L21C432

N/A

N/A