Sign-up

ID

VAR-201704-0499


CVE

CVE-2016-8764


TITLE

plural Huawei Smartphone software TrustZone Driver input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-008238

DESCRIPTION

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei's mobile secure storage trusted applications (SecureStorageTrustedApp) have security bypass vulnerabilities. An attacker who has obtained root access to the Android system can exploit the vulnerability to read and write user-state memory data at any location in TrustZone. Multiple Huawei Products are prone to the following multiple security vulnerabilities. 1. A denial-of-service vulnerability. 2. A privilege escalation vulnerability. 3. Attackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions

Trust: 2.61

sources: NVD: CVE-2016-8764 // JVNDB: JVNDB-2016-008238 // CNVD: CNVD-2016-11632 // BID: 94509 // VULHUB: VHN-97584 // VULMON: CVE-2016-8764

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-11632

AFFECTED PRODUCTS

vendor:huaweimodel:p9scope:eqversion: -

Trust: 1.6

vendor:huaweimodel:p9 litescope:lteversion:vns-l21c185b130

Trust: 1.0

vendor:huaweimodel:p8 litescope:lteversion:ale-l02c636b150

Trust: 1.0

vendor:huaweimodel:p8 litescope: - version: -

Trust: 0.8

vendor:huaweimodel:p9 litescope: - version: -

Trust: 0.8

vendor:huaweimodel:p9scope: - version: -

Trust: 0.8

vendor:huaweimodel:p9 <eva-al10c00b352scope: - version: -

Trust: 0.6

vendor:huaweimodel:p9 lite <vns-l21c185b130scope: - version: -

Trust: 0.6

vendor:huaweimodel:p8 lite <ale-l02c636b150scope: - version: -

Trust: 0.6

vendor:huaweimodel:p9 litescope:eqversion:vns-l21c185b130

Trust: 0.6

vendor:huaweimodel:p8 litescope:eqversion:ale-l02c636b150

Trust: 0.6

vendor:huaweimodel:p9 lite vns-l21c185b130scope: - version: -

Trust: 0.3

vendor:huaweimodel:p9scope:eqversion:0

Trust: 0.3

vendor:huaweimodel:p8 lite ale-l02c636b150scope: - version: -

Trust: 0.3

vendor:huaweimodel:p9 lite vns-l21c185b150scope:neversion: -

Trust: 0.3

vendor:huaweimodel:p9 eva-al00c00b352scope:neversion: -

Trust: 0.3

vendor:huaweimodel:p8 lite ale-l02c636b170scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2016-11632 // BID: 94509 // JVNDB: JVNDB-2016-008238 // CNNVD: CNNVD-201611-655 // NVD: CVE-2016-8764

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-8764
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-8764
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-11632
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201611-655
value: MEDIUM

Trust: 0.6

VULHUB: VHN-97584
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-8764
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-8764
severity: MEDIUM
baseScore: 4.1
vectorString: AV:L/AC:M/AU:S/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 2.7
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2016-11632
severity: MEDIUM
baseScore: 5.9
vectorString: AV:L/AC:H/AU:N/C:C/I:C/A:P
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: PARTIAL
exploitabilityScore: 1.9
impactScore: 9.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-97584
severity: MEDIUM
baseScore: 4.1
vectorString: AV:L/AC:M/AU:S/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 2.7
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-8764
baseSeverity: MEDIUM
baseScore: 6.4
vectorString: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.5
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-11632 // VULHUB: VHN-97584 // VULMON: CVE-2016-8764 // JVNDB: JVNDB-2016-008238 // CNNVD: CNNVD-201611-655 // NVD: CVE-2016-8764

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-97584 // JVNDB: JVNDB-2016-008238 // NVD: CVE-2016-8764

THREAT TYPE

local

Trust: 0.9

sources: BID: 94509 // CNNVD: CNNVD-201611-655

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201611-655

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-008238

PATCH
title:huawei-sa-20161123-01-smartphoneurl:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en
Trust: 0.8
title:Huawei's mobile phone secure storage trusted application has a security bypass vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/84477
Trust: 0.6
title:Multiple Huawei Repair measures for device security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65930
Trust: 0.6
title:boomerangurl:https://github.com/ucsb-seclab/boomerang 
Trust: 0.1
title: - url:https://github.com/23hour/boomerang_qemu 
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-11632 // 
            
            
            
            VULMON: CVE-2016-8764 // 
            
            
            
            JVNDB: JVNDB-2016-008238 // 
            
            
            
            CNNVD: CNNVD-201611-655

EXTERNAL IDS
db:NVDid:CVE-2016-8764
Trust: 3.5
db:BIDid:94509
Trust: 2.7
db:JVNDBid:JVNDB-2016-008238
Trust: 0.8
db:CNNVDid:CNNVD-201611-655
Trust: 0.7
db:CNVDid:CNVD-2016-11632
Trust: 0.6
db:VULHUBid:VHN-97584
Trust: 0.1
db:VULMONid:CVE-2016-8764
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-11632 // 
            
            
            
            VULHUB: VHN-97584 // 
            
            
            
            VULMON: CVE-2016-8764 // 
            
            
            
            BID: 94509 // 
            
            
            
            JVNDB: JVNDB-2016-008238 // 
            
            
            
            CNNVD: CNNVD-201611-655 // 
            
            
            
            NVD: CVE-2016-8764

REFERENCES
url:http://www.securityfocus.com/bid/94509
Trust: 1.9
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8764
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2016-8764
Trust: 0.8
url:http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-smartphone-cn
Trust: 0.6
url:http://www.huawei.com/en/
Trust: 0.3
url:http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161123-01-smartphone-en
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/ucsb-seclab/boomerang
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-11632 // 
            
            
            
            VULHUB: VHN-97584 // 
            
            
            
            VULMON: CVE-2016-8764 // 
            
            
            
            BID: 94509 // 
            
            
            
            JVNDB: JVNDB-2016-008238 // 
            
            
            
            CNNVD: CNNVD-201611-655 // 
            
            
            
            NVD: CVE-2016-8764

CREDITS
Nick Stephens.
Trust: 0.9
sources:
            
            
            BID: 94509 // 
            
            
            
            CNNVD: CNNVD-201611-655

SOURCES
db:CNVDid:CNVD-2016-11632
db:VULHUBid:VHN-97584
db:VULMONid:CVE-2016-8764
db:BIDid:94509
db:JVNDBid:JVNDB-2016-008238
db:CNNVDid:CNNVD-201611-655
db:NVDid:CVE-2016-8764

LAST UPDATE DATE
2024-11-23T21:41:29.486000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-11632date:2016-11-29T00:00:00
db:VULHUBid:VHN-97584date:2017-04-07T00:00:00
db:VULMONid:CVE-2016-8764date:2017-04-07T00:00:00
db:BIDid:94509date:2016-12-20T01:02:00
db:JVNDBid:JVNDB-2016-008238date:2017-05-08T00:00:00
db:CNNVDid:CNNVD-201611-655date:2016-12-02T00:00:00
db:NVDid:CVE-2016-8764date:2024-11-21T03:00:01.063

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-11632date:2016-11-29T00:00:00
db:VULHUBid:VHN-97584date:2017-04-02T00:00:00
db:VULMONid:CVE-2016-8764date:2017-04-02T00:00:00
db:BIDid:94509date:2016-11-24T00:00:00
db:JVNDBid:JVNDB-2016-008238date:2017-05-08T00:00:00
db:CNNVDid:CNNVD-201611-655date:2016-11-24T00:00:00
db:NVDid:CVE-2016-8764date:2017-04-02T20:59:01.327