Published: 02/04/2017 Updated: 07/04/2017

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 5 | Impact Score: 3.6 | Exploitability Score: 1.3

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and previous versions versions and P8 Lite with software ALE-L02C636B150 and previous versions versions has an input validation vulnerability, which allows malicious users to cause the system to restart.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei p9_firmware -
huawei p9_lite_firmware
huawei p8_lite_firmware

Forked from https://github.com/ucsb-seclab/boomerang.git , add qemu support

BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments Contents Introduction Folder Structure 21 Static Analysis Tool 22 Proof of Concept Exploits 23 Cooperative Semantic Reconstruction 24 Papers 25 Presentation Contact Impact Coming Soon 1 Introduction BOOMERANG , a class of vulnerabilities that stem from the semantic gap between the non-sec

Exploiting the Semantic Gap in Trusted Execution Environments

BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments Contents Introduction Folder Structure 21 Static Analysis Tool 22 Proof of Concept Exploits 23 Cooperative Semantic Reconstruction 24 Papers 25 Presentation Contact Impact Coming Soon 1 Introduction BOOMERANG , a class of vulnerabilities that stem from the semantic gap between the non-sec

CWE-20 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en http://www.securityfocus.com/bid/94509 https://nvd.nist.gov https://github.com/23hour/boomerang_qemu

CVE-2016-8762

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect