CVE-2015-8682

The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350, GRA-UL10 before GRA-UL10C00B350, GRA-TL00 before GRA-TL00C01B350, GRA-CL00 before GRA-CL00C92B350, and GRA-CL10 before GRA-CL10C92B350 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to obtain sensitive information from stack memory or cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access.

Published: Apr 13, 2016
Updated: Apr 13, 2023
CVE: CVE-2015-8682
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:M/Au:N/C:P/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
huawei / mate_s_firmware	-	crr-cl00c92b153.x
huawei / mate_s_firmware	-	crr-tl00c01b153sp01.x
huawei / mate_s_firmware	-	crr-ul00c00b153.x
huawei / p8_firmware	-	gra-cl00c92b230.x
huawei / p8_firmware	-	gra-cl10c92b230.x
huawei / p8_firmware	-	gra-tl00c01b230.x
huawei / p8_firmware	-	gra-ul00c00b230.x
huawei / p8_firmware	-	gra-ul10c00b230.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160130-01-smartphone-en

Vulnerability Database

290,206

CVE-2015-8682