VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 31, 2018· Updated Aug 5, 2024

CVE-2018-7934

CVE-2018-7934

Description

Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running on the frontend crash after the users make specific screen gestures.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Huawei Mate 10 Pro phones before BLA-L29 8.0.0.145(C432) crash foreground apps when users perform certain screen gestures after a malicious app is installed.

Vulnerability

Some Huawei mobile phones, specifically the Mate 10 Pro with versions before BLA-L29 8.0.0.145(C432), have a denial of service (DoS) vulnerability because the device firmware does not properly adapt to specific screen gestures [1]. This makes the system unstable when those gestures are performed.

Exploitation

An attacker must trick the user into installing a malicious application on the device. Once installed, the attacker has no further interaction; the vulnerability is triggered automatically when the user performs the specific gesture sequence [1]. No special network position or authentication is required for exploitation beyond app installation.

Impact

Successful exploitation causes apps running in the foreground to crash, resulting in a denial of service condition that disrupts legitimate user activity [1]. The device itself remains operational, but the usability of the frontend application is lost until the user manually restarts the app.

Mitigation

Huawei released a fixed version BLA-L29 8.0.0.145(C432) to address this vulnerability. Users should update their Mate 10 Pro devices to this or any later version via the official update mechanism [1]. No other workarounds are documented in the available references.

References
  1. Security Advisory - DoS Vulnerability in Some Huawei Smart Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/BLA-L29llm-create
    Range: <8.0.0.145(C432)
  • Huawei Technologies Co., Ltd./Mate 10 Prov5
    Range: The versions before BLA-L29 8.0.0.145(C432)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.