CVE-2015-8307

The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the graphics permission, aka an "interface access control vulnerability," a different vulnerability than CVE-2015-8680.

Published: Apr 7, 2016
Updated: Apr 13, 2023
CVE: CVE-2015-8307
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
huawei / mate_s_firmware	crr-cl00	crr-cl00.x
huawei / mate_s_firmware	crr-tl00	crr-tl00.x
huawei / mate_s_firmware	crr-ul00	crr-ul00.x
huawei / p8_firmware	gra-cl00	gra-cl00.x
huawei / p8_firmware	gra-cl10	gra-cl10.x
huawei / p8_firmware	gra-tl00	gra-tl00.x
huawei / p8_firmware	gra-ul00	gra-ul00.x
huawei / p8_firmware	gra-ul10	gra-ul10.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160104-04-smartphone-en

Vulnerability Database

290,206

CVE-2015-8307