Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control connections.Successful exploitation of this vulnerability may disconnect normal service connections.
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal.
Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect availability.
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
Vulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affect availability.
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.
Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks.
The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.
S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping.
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.
Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.
The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling.Successful exploitation of this vulnerability affects system services and device availability.
SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.