VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 14, 2018· Updated Aug 5, 2024

CVE-2017-17173

CVE-2017-17173

Description

Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory resource. Successful exploit may result in phone crash or arbitrary code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An arbitrary memory free vulnerability in the GPU driver of Huawei Mate 9 Pro allows local code execution or system crash.

Vulnerability

The GPU driver in Huawei Mate 9 Pro smartphones (versions before LON-AL00B 8.0.0.356(C00)) contains an arbitrary memory free vulnerability due to insufficient parameter verification (CVE-2017-17173) [1].

Exploitation

An attacker must trick the user into installing a malicious application on the device. The application then sends a crafted parameter to the GPU driver, which improperly frees special kernel memory resources [1]. No additional authentication or network access is required beyond user approval to install the app.

Impact

Successful exploitation can cause the phone to crash or allow arbitrary code execution in kernel context, leading to full compromise of the affected device [1].

Mitigation

Huawei released a software update for Mate 9 Pro, version LON-AL00B 8.0.0.356(C00), which resolves this vulnerability [1]. Users should apply the update through official channels. No workaround is documented.

References
  1. Security Advisory - Arbitrary Memory Free Vulnerability in GPU Driver of Some Huawei Smart Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/Mate 9 Prollm-fuzzy
    Range: <8.0.0.356(C00)
  • Huawei Technologies Co., Ltd./Mate 9 Prov5
    Range: The versions before LON-AL00B 8.0.0.356(C00)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.