SB2019111511 - Multiple vulnerabilities in several Huawei smartphones
Published: November 15, 2019 Updated: December 5, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Race condition (CVE-ID: CVE-2019-5228)
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists in certain detection module due to a race condition when the system does not lock certain function properly. A local user can trick a victim to install a malicious application, trigger out of bound write and execute arbitrary code on the system.
2) Integer overflow (CVE-ID: CVE-2019-5288)
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists because of integer overflow due to insufficient check on specific parameters. A local user can trick the victim to install a malicious application, obtain the root permission, construct specific parameters to the camera program, trigger integer overflow and execute arbitrary code on the target system or break down the program.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
3) Integer overflow (CVE-ID: CVE-2019-5287)
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists because of integer overflow due to insufficient check on specific parameters. A local user can trick the victim to install a malicious application, obtain the root permission, construct specific parameters to the camera program, trigger integer overflow and execute arbitrary code on the target system or break down the program.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
4) Insufficient verification of data authenticity (CVE-ID: CVE-2019-5229)
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to the target system does not verify certain parameters sufficiently. An authenticated attacker with physical access to the device can connect to the phone, gain high privilege and execute arbitrary code on the target system.
5) Improper validation of integrity check value (CVE-ID: CVE-2019-5227)
The vulnerability allows a local user to escalate privileges on the system.
6) Improper validation of integrity check value (CVE-ID: CVE-2019-5226)
The vulnerability allows a local user to escalate privileges on the system.
7) Buffer overflow (CVE-ID: CVE-2019-5225)
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when the system does not properly validate certain length parameter which an application transports to kernel. A local user can trick a victim to install a malicious application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
8) Out-of-bounds read (CVE-ID: CVE-2019-5224)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when the system does not properly validate certain length parameter which an application transports to kernel. A local user can trick a victim to install a malicious application, trigger out-of-bounds read error and read contents of memory on the system.
Remediation
Install update from vendor's website.
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-smartphone-en
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-02-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-03-smartphone-en