What is CVE-2018-7899?

CVE-2018-7899 is a medium-severity vulnerability in Huawei Berkeley-al20, classified under Double Free. CVSS score: 5.5/10. Published 2018-04-19.

How severe is CVE-2018-7899?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Double Free in Huawei Berkeley-al20

CVE-2018-7899

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C…

Vulnerability class: Double Free

EPSS: 0.006 (42.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H.

Affected products

Huawei Berkeley-al20
Huawei Berkeley-al20_firmware — versions 8.0.0.105\(c00\), 8.0.0.111\(c00\), 8.0.0.112d\(c00\)
Huawei Berkeley-bd
Huawei Berkeley-bd_firmware — versions 1.0.0.21, 1.0.0.22, 1.0.0.23
Huawei Technologies Co., Ltd. Berkeley-al20, Berkeley-bd — versions Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29

Weakness classification (CWE)

CWE-415 — Double Free

References

psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2018-7899?: CVE-2018-7899 is a medium-severity vulnerability in Huawei Berkeley-al20, classified under Double Free. CVSS score: 5.5/10. Published 2018-04-19.
How severe is CVE-2018-7899?: Medium severity. CVSS v3 base score is 5.5 out of 10.