What is CVE-2016-8774?

CVE-2016-8774 is a medium-severity vulnerability in Huawei Mate_8, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.7/10. Published 2017-04-02.

How severe is CVE-2016-8774?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Buffer overflow in Huawei Mate_8

CVE-2016-8774

The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (11.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Huawei Mate_8
Huawei Mate_8_firmware
Huawei Mate_s
Huawei Mate_s_firmware
Huawei P8
Huawei P8_firmware
Huawei P9
Huawei P9_firmware
N/a Mate 8,mate S,p8,p9 Versions Before Nxt-al10c00b386,versions Nxt-cl00c92b386,versions Nxt-dl00c17b386,versions Nxt-tl00c01b386,versions Crr-cl00c92b368,versions Crr-cl20c92b368,versions Crr-tl00c01b368,versions Crr-ul00c00b368,versions Crr-ul20c00b368,versions Gra-tl00c01b366,versions Gra-cl00c92b366,versions Gra-cl10c92b366,versions Gra-ul00c00b366,versions Gra-ul10c00b366,versions Eva-al10c00b190,versions Eva-dl10c00b190,versions Eva-tl10c00b190,versions Eva-cl10c00b190, — versions Mate 8,Mate S,P8,P9 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366,Versions before EVA-AL10C00B190,Versions before EVA-DL10C00B190,Versions before EVA-TL10C00B190,Versions before EVA-CL10C00B190,

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@huawei.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-8774?: CVE-2016-8774 is a medium-severity vulnerability in Huawei Mate_8, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.7/10. Published 2017-04-02.
How severe is CVE-2016-8774?: Medium severity. CVSS v3 base score is 6.7 out of 10.