Huawei veröffentlicht Februar 2022 EMUI Sicherheitsupdate-Details
Huawei legt bei seinen Geräten großen Wert auf die Systemsicherheit. Mit dem neuesten Sicherheitsupdate schließt Huawei 11 gefährliche Datenschutzprobleme, dieser werden mit der Veröffentlichung des EMUI-Sicherheitspatches vom Februar 2022 behoben.
Neben den EMUI-Problemen vom Februar 2022 behebt der Patch 7 hohe und 1 mittlere CVE im System. Das ist nicht alles, dieser Sicherheitspatch bringt auch Korrekturen für 1 kritische und 9 hochgradige CVEs in den Bibliotheken von Drittanbietern, um dem System mehr Sicherheit zu bieten.
CVE 1:
- CVE-2021-39991: Unauthorized rewriting vulnerability with the memory access management module on ACPU
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE 2:
- CVE-2021-39986: Unauthorized rewriting vulnerability with the memory access management module on ACPU
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE 3:
- CVE-2021-37115: Unauthorized rewriting vulnerability with the memory access management module on ACPU
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE 4:
- CVE-2021-37109: Security protection bypass vulnerability with the modem
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may cause memory protection failure.
CVE 5:
- CVE-2021-40044: Permission verification vulnerability in the Bluetooth module
- Risk: Medium
- Affected versions: EMUI 12.0.0, EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0
- Impact: Successful exploitation of this vulnerability may cause unauthorized operations.
CVE 6:
- CVE-2021-40015: Race condition vulnerability in the binder driver subsystem in the kernel
- Risk: Medium
- Affected versions: EMUI 12.0.0, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0
- Impact: Successful exploitation of this vulnerability may affect kernel stability.
CVE 7:
- CVE-2021-39992: Improper security permission configuration vulnerability on ACPU
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE 8:
- CVE-2021-39997: Vulnerability of unstrict input parameter verification in the audio assembly
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE 9:
- CVE-2021-39994: Arbitrary address access vulnerability with the product line test code
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE 10:
- CVE-2021-40045: Vulnerability of signature verification mechanism failure in system upgrade through recovery mode
- Risk: High
- Affected versions: EMUI 12.0.0, EMUI 11.0.1, EMUI 11.0.0, Magic UI 4.0.0
- Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE 11:
- CVE-2021-37107: Improper memory access permission configuration on ACPU
- Risk: High
- Affected versions: EMUI 12.0.0
- Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
Links mit einem * sind Partner-Links. Durch einen Klick darauf gelangt ihr direkt zum Anbieter. Solltet ihr euch dort für einen Kauf entscheiden, erhalte ich eine kleine Provision. Für euch ändert sich am Preis nichts. Danke für eure Unterstützung!
Um über alle News auf dem Laufenden zu bleiben, folge mir auf Google News oder Telegram, WhatsApp, Mastodon, Threads, Bluesky oder auf Facebook oder abonniere meinen RSS-Feed!
