A vulnerability was found in Huawei P9 Plus (Smartphone Operating System) (affected version unknown). It has been rated as critical. Affected by this issue is an unknown functionality of the component Soundtrigger Driver. The manipulation with an unknown input leads to a double free vulnerability. Using CWE to declare the problem leads to CWE-415. The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations. Impacted is confidentiality, integrity, and availability. CVE summarizes:

The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific memory, which could triggers double free and causes a system crash or arbitrary code execution.

The bug was discovered 06/05/2017. The weakness was published 11/22/2017 (Website). The advisory is shared for download at huawei.com. This vulnerability is handled as CVE-2017-8140 since 04/25/2017. The attack may be launched remotely. No form of authentication is required for exploitation. Successful exploitation requires user interaction by the victim. There are neither technical details nor an exploit publicly available.

The vulnerability was handled as a non-public zero-day exploit for at least 170 days. During that time the estimated underground price was around $5k-$25k.

Upgrading eliminates this vulnerability.

Productinfo

Type

• Smartphone Operating System

Vendor

• Huawei

Name

• P9 Plus

License

• commercial

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion