CVE-2019-5225
Description
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.396
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in p30_firmware 9.1.0.226(c00e220r2p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 9.1.0.193(c00e190r2p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 9.1.0.193 | NCM |
| Multiple Vulnerabilities affected in p30_firmware elle-al00b_9.1.0.186(c00e180r2p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware ele-al00_9.1.0.162(c01e160r1p12/c01e160r2p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.160(c01e160r2p11) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.160(c00e160r3p8) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.160(c00e160r2p11) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.135(c00e135r2p11) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.128(c635e3r2p4) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.126(c636e7r3p4) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.126(c605e19r1p3) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.126(c461e7r3p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.126(c185e4r7p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.126(c10e7r5p1) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.123(c432e22r2p5) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.1.0.123(c431e22r2p5) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.0.0.185(c00e85r1p11) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.0.0.173(c00e73r1p11) | NCM |
| Multiple Vulnerabilities affected in p30_firmware 10.0.0.166(c00e66r1p11) | NCM |
| Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability (CVE-2019-5225) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234