CVE-2019-5214
Description
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A use-after-free in the Mate10 driver component allows a local attacker to trigger denial of service via a malicious app on Huawei Mate10 smartphones before ALP-AL00B 9.0.0.167.
Vulnerability
A use-after-free vulnerability exists in a driver component in Huawei Mate10 smartphones running versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). The flaw causes the software to reference memory after it has been freed, leading to undefined behavior. Other affected builds include 9.0.0.201(C432E4R1P9) and 9.0.0.192(C185E2R1P12), with corresponding resolved versions specified in the advisory [1].
Exploitation
An attacker must trick the user into installing a malicious application on the smartphone. No additional privileges or network access are required; the exploit is achieved through the crafted app which triggers the use-after-free condition in the driver component [1].
Impact
Successful exploitation of the use-after-free vulnerability results in a denial of service (DoS), causing the device to become unavailable or crash. The impact is limited to DoS; no remote code execution or data disclosure is reported in the available references [1].
Mitigation
Huawei released software updates to fix this vulnerability. Users should upgrade their Mate10 to the resolved versions listed per build: ALP-AL00B 9.0.0.167(C00E85R2P20T8), ALP-L29 9.0.0.201(C432E4R1P9), ALP-L09 9.0.0.192(C185E2R1P12), or the corresponding updates as detailed in the security advisory [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: Versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20190109-01-smartphone-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.