Vulnerabilities > CVE-2021-22386 - Double Free vulnerability in Huawei Emui and Magic UI

CVSS 7.0 - HIGH

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

high complexity

huawei

CWE-415

NVD

Published: 2021-08-10

Updated: 2021-12-09

Summary

A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Magic UI 4.0.0 Huawei Emui 11.0.0	2

Common Weakness Enumeration (CWE)

CWE-415 - Double Free

References

https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077
https://consumer.huawei.com/en/support/bulletin/2021/6/