CVE-2017-17320
Description
Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory double free in Huawei Mate 9 Pro allows code execution via crafted app installed by root user.
Vulnerability
Huawei Mate 9 Pro smartphones running software versions LON-AL00BC00B139D, LON-AL00BC00B229, and LON-L29DC721B188 contain a memory double free vulnerability. The system improperly manages memory, freeing the same memory address twice. This bug is triggered when a crafted application is installed by a user with root privileges. [1]
Exploitation
An attacker must trick a user who already has root privilege to install a specially crafted application. No additional authentication or network access is required beyond the user's existing root access. The attacker's application triggers the double free condition, leading to memory corruption. [1]
Impact
Successful exploitation results in arbitrary code execution at the privilege level of the root user, giving the attacker full control over the device. This can lead to complete compromise of confidentiality, integrity, and availability. [1]
Mitigation
Huawei has released software updates to fix this vulnerability. For LON-AL00BC00B139D, the resolved version is 8.0.0.343(C00). For LON-L29DC721B188, the resolved version is 8.0.0.360(C721). Users should update their devices to the latest firmware. No workaround is provided. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188
- Huawei Technologies Co., Ltd./Mate 9 Prov5Range: LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-02-smartphone-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.