Strix
26.1K

CVE-2018-7899

UnknownEPSS 0.56%

Last modified

CVE-2018-7899 is a vulnerability of currently unknown severity. The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. EPSS estimates a 0.56% chance of exploitation in the next 30 days.

Description

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause system reboot.

Metrics

EPSS Probability
0.56%

42.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HuaweiBerkeley-Al20 Firmware8.0.0.105\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.111\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.112d\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.116\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.119\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.119d\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.122\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.132\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.132d\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.142\(c00\)
HuaweiBerkeley-Al20 Firmware8.0.0.151\(c00\)
HuaweiBerkeley-Bd Firmware1.0.0.21
HuaweiBerkeley-Bd Firmware1.0.0.22
HuaweiBerkeley-Bd Firmware1.0.0.23
HuaweiBerkeley-Bd Firmware1.0.0.24
HuaweiBerkeley-Bd Firmware1.0.0.26
HuaweiBerkeley-Bd Firmware1.0.0.29

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-7899?
The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause system reboot.
How severe is CVE-2018-7899?
Severity scoring for CVE-2018-7899 is pending analysis. The EPSS model estimates a 0.56% probability of exploitation in the next 30 days.
How do I fix CVE-2018-7899?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-7899?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST