VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 6, 2019· Updated Aug 4, 2024

CVE-2019-5305

CVE-2019-5305

Description

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory double free vulnerability in the image processing module of Huawei Mate 10 smartphones before ALP-L29 9.0.0.159(C185) allows a malicious app to cause a system crash.

Vulnerability

The image processing module of Huawei Mate 10 smartphones contains a memory double free vulnerability. Affected versions are those before ALP-L29 9.0.0.159(C185). The vulnerability is triggered when a specially crafted application calls a specific API, leading to a double free condition in memory management [1].

Exploitation

An attacker must trick a user into installing a malicious application on the device. Once installed, the application can invoke a special API that triggers the double free vulnerability. No additional privileges or network access are required beyond the initial user interaction to install the app [1].

Impact

Successful exploitation causes a system crash, resulting in a denial of service (DoS). The vulnerability does not appear to allow code execution or privilege escalation; the primary impact is temporary unavailability of the device [1].

Mitigation

Huawei has released a software update to fix this vulnerability. The resolved version is ALP-L29 9.0.0.159(C185). Users should update their devices to this version or later. No workarounds are documented [1].

References
  1. Security Advisory - Memory Double Free Vulnerability in Image Processing Module of Some Huawei Smart Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/Mate 10llm-fuzzy2 versions
    <ALP-L29 9.0.0.159(C185)+ 1 more
    • (no CPE)range: <ALP-L29 9.0.0.159(C185)
    • (no CPE)range: The versions before ALP-L29 9.0.0.159(C185)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.