CVE-2019-5303

Published: Apr 27, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)

Vendor	Product	Versions
Huawei	ALP-AL00B	affected `Versions earlier than 9.1.0.333(C00E333R2P1T8)`
Huawei	ALP-L09	affected `Versions earlier than 9.1.0.300(C432E4R1P9T8)`
Huawei	ALP-L29	affected `Versions earlier than 9.1.0.315(C636E5R1P13T8)`
Huawei	BLA-L29C	affected `Versions earlier than 9.1.0.321(C636E4R1P14T8)` affected `Versions earlier than 9.1.0.330(C432E6R1P12T8)` affected `Versions earlier than 9.1.0.302(C635E4R1P13T8)`
Huawei	Berkeley-AL20	affected `Versions earlier than 9.1.0.333(C00E333R2P1T8)`
Huawei	Berkeley-L09	affected `Versions earlier than 9.1.0.350(C10E3R1P14T8)` affected `Versions earlier than 9.1.0.351(C432E5R1P13T8)` affected `Versions earlier than 9.1.0.350(C636E4R1P13T8)`
Huawei	Charlotte-L09C	affected `Versions earlier than 9.1.0.311(C185E4R1P11T8)` affected `Versions earlier than 9.1.0.345(C432E8R1P11T8)`
Huawei	Charlotte-L29C	affected `Versions earlier than 9.1.0.325(C185E4R1P11T8)` affected `Versions earlier than 9.1.0.335(C636E3R1P13T8)` affected `Versions earlier than 9.1.0.345(C432E8R1P11T8)` affected `Versions earlier than 9.1.0.336(C605E3R1P12T8)`
Huawei	Columbia-AL10B	affected `Versions earlier than 9.1.0.333(C00E333R1P1T8)`
Huawei	Columbia-L29D	affected `Versions earlier than 9.1.0.350(C461E3R1P11T8)` affected `Versions earlier than 9.1.0.350(C185E3R1P12T8)` affected `Versions earlier than 9.1.0.350(C10E5R1P14T8)` affected `Versions earlier than 9.1.0.351(C432E5R1P13T8)`
Huawei	Cornell-AL00A	affected `Versions earlier than 9.1.0.333(C00E333R1P1T8)`
Huawei	Cornell-L29A	affected `Versions earlier than 9.1.0.328(C185E1R1P9T8)` affected `Versions earlier than 9.1.0.328(C432E1R1P9T8)` affected `Versions earlier than 9.1.0.330(C461E1R1P9T8)` affected `Versions earlier than 9.1.0.328(C636E2R1P12T8)`
Huawei	Emily-L09C	affected `Versions earlier than 9.1.0.336(C605E4R1P12T8)` affected `Versions earlier than 9.1.0.311(C185E2R1P12T8)` affected `Versions earlier than 9.1.0.345(C432E10R1P12T8)`
Huawei	Emily-L29C	affected `Versions earlier than 9.1.0.311(C605E2R1P12T8)` affected `Versions earlier than 9.1.0.311(C636E7R1P13T8)` affected `Versions earlier than 9.1.0.311(C432E7R1P11T8)`
Huawei	Ever-L29B	affected `Versions earlier than 9.1.0.311(C185E3R3P1)`
Huawei	HUAWEI Mate 20	affected `Versions earlier than 9.1.0.131(C00E131R3P1)`
Huawei	HUAWEI Mate 20 Pro	affected `Versions earlier than 9.1.0.310(C185E10R2P1)`
Huawei	HUAWEI Mate 20 RS	affected `Versions earlier than 9.1.0.135(C786E133R3P1)`
Huawei	HUAWEI Mate 20 X	affected `Versions earlier than 9.1.0.135(C00E133R2P1)`
Huawei	HUAWEI P20	affected `Versions earlier than 9.1.0.333(C00E333R1P1T8)`
Huawei	HUAWEI P20 Pro	affected `Versions earlier than 9.1.0.333(C00E333R1P1T8)`
Huawei	HUAWEI P30	affected `Versions earlier than 9.1.0.193`
Huawei	HUAWEI P30 Pro	affected `Versions earlier than 9.1.0.186(C00E180R2P1)`
Huawei	HUAWEI Y9 2019	affected `Versions earlier than 9.1.0.220(C605E3R1P1T8)`
Huawei	HUAWEI nova lite 3	affected `Versions earlier than 9.1.0.305(C635E8R2P2)`
Huawei	Honor 10 Lite	affected `Versions earlier than 9.1.0.283(C605E8R2P2)`
Huawei	Honor 8X	affected `Versions earlier than 9.1.0.221(C461E2R1P1T8)`
Huawei	Honor View 20	affected `Versions earlier than 9.1.0.238(C432E1R3P1)`
Huawei	Jackman-L22	affected `Versions earlier than 9.1.0.247(C636E2R4P1T8)`
Huawei	Paris-L21B	affected `Versions earlier than 9.1.0.331(C432E1R1P2T8)`
Huawei	Paris-L21MEB	affected `Versions earlier than 9.1.0.331(C185E4R1P3T8)`
Huawei	Paris-L29B	affected `Versions earlier than 9.1.0.331(C636E1R1P3T8)`
Huawei	Sydney-AL00	affected `Versions earlier than 9.1.0.212(C00E62R1P7T8)`
Huawei	Sydney-L21	affected `Versions earlier than 9.1.0.215(C432E1R1P1T8)` affected `Versions earlier than 9.1.0.213(C185E1R1P1T8)`
Huawei	Sydney-L21BR	affected `Versions earlier than 9.1.0.213(C185E1R1P2T8)`
Huawei	Sydney-L22	affected `Versions earlier than 9.1.0.258(C636E1R1P1T8)`
Huawei	Sydney-L22BR	affected `Versions earlier than 9.1.0.258(C636E1R1P1T8)`
Huawei	SydneyM-AL00	affected `Versions earlier than 9.1.0.228(C00E78R1P7T8)`
Huawei	SydneyM-L01	affected `Versions earlier than 9.1.0.215(C782E2R1P1T8)` affected `Versions earlier than 9.1.0.213(C185E1R1P1T8)` affected `Versions earlier than 9.1.0.270(C432E3R1P1T8)`
Huawei	SydneyM-L03	affected `Versions earlier than 9.1.0.217(C605E1R1P1T8)`
Huawei	SydneyM-L21	affected `Versions earlier than 9.1.0.221(C461E1R1P1T8)` affected `Versions earlier than 9.1.0.215(C432E4R1P1T8)`
Huawei	SydneyM-L22	affected `Versions earlier than 9.1.0.259(C185E1R1P2T8)` affected `Versions earlier than 9.1.0.220(C635E1R1P2T8)` affected `Versions earlier than 9.1.0.216(C569E1R1P1T8)`
Huawei	SydneyM-L23	affected `Versions earlier than 9.1.0.226(C605E2R1P1T8)`
Huawei	Yale-L21A	affected `Versions earlier than 9.1.0.154(C432E2R3P2)` affected `Versions earlier than 9.1.0.154(C461E2R2P1)` affected `Versions earlier than 9.1.0.154(C636E2R2P1)`
Huawei	Honor 20	affected `Versions earlier than 9.1.0.152(C00E150R5P1)`
Huawei	Honor Magic2	affected `Versions earlier than 10.0.0.187`
Huawei	Honor V20	affected `Versions earlier than 9.1.0.234(C00E234R4P3)`

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-5303

Description

Affected Products

References