CVE-2019-5214
Description
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.077
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in mate_10_firmware 10.0.0.143(c00e143r2p4) | NCM |
| Multiple Vulnerabilities affected in mate_10_firmware 9.0.0.177(c185e2r1p12t8) | NCM |
| Multiple Vulnerabilities affected in mate_10_firmware 9.0.0.167(c00e85r2p20t8) | NCM |
| Multiple Vulnerabilities affected in mate_10_firmware 9.0.0.159(c636e2r1p12t8) | NCM |
| Multiple Vulnerabilities affected in mate_10_firmware 9.0.0.159(c432e4r1p9t8) | NCM |
| Vulnerabilities CVE-2017-17227 ,CVE-2019-5214 ,CVE-2019-5219 ,CVE-2019-5305 are affected in mate_10_firmware alp-al00_8.1.0.311 | NCM |
| Use After Free Vulnerability (CVE-2019-5214) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234