CVE-2016-8757

Name: CVE-2016-8757
Creator: NVD / NIST
Published: 2017-04-02T20:59:01.11+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.52%

Last modified Jun 17, 2026

CVE-2016-8757 is a vulnerability of currently unknown severity. ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory.. EPSS estimates a 0.52% chance of exploitation in the next 30 days.

Description

ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory.

Metrics

EPSS Probability

0.52%

40.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Huawei	P9 Firmware	>= eva-al10, <= eva-al10c00b192
Huawei	P9 Firmware	>= eva-cl10, <= eva-cl10c00b192
Huawei	P9 Firmware	>= eva-dl10, <= eva-dl10c00b192
Huawei	P9 Firmware	>= eva-tl10, <= eva-tl10c00b192

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-02-smartphone-enVendor Advisory
http://www.securityfocus.com/bid/93932Third Party Advisory, VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-02-smartphone-enVendor Advisory
http://www.securityfocus.com/bid/93932Third Party Advisory, VDB Entry

Timeline

Published: Apr 2, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-8757?

How severe is CVE-2016-8757?

Severity scoring for CVE-2016-8757 is pending analysis. The EPSS model estimates a 0.52% probability of exploitation in the next 30 days.

How do I fix CVE-2016-8757?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-8757?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST