Headline
CVE-2021-22337: April
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data.
Huawei is releasing monthly security updates for flagship models. This security update includes Android and Huawei patches:
This security update includes the CVE announced in the April 2021 Android security bulletin.
Critical:CVE-2019-9465, CVE-2021-0430
High:CVE-2019-9345,CVE-2020-0261,CVE-2021-0437,CVE-2021-0400,CVE-2021-0429,CVE-2021-0436,CVE-2021-0438, CVE-2021-0444,CVE-2021-0471,CVE-2020-11308,CVE-2020-11290,CVE-2020-11309,CVE-2021-0399, CVE-2021-0432
Medium:CVE-2020-0479,CVE-2020-0480,CVE-2020-0485,CVE-2020-27052,CVE-2020-0482, CVE-2020-0483,CVE-2020-0492,CVE-2020-27035,CVE-2020-0491,CVE-2020-27038,CVE-2020-0202,CVE-2020-27030,CVE-2020-27036,CVE-2020-27044,CVE-2020-27045,CVE-2020-27048,CVE-2020-27049,CVE-2020-27050,CVE-2020-27051, CVE-2020-0280,CVE-2020-0476,CVE-2020-27021,CVE-2020-27024,CVE-2020-27027, CVE-2020-27031,CVE-2020-27032,CVE-2020-27033,CVE-2020-27034,CVE-2020-27037,CVE-2020-27039,CVE-2020-27040,CVE-2020-27047,CVE-2020-27055,CVE-2020-27056,CVE-2020-27029,CVE-2019-9458,CVE-2019-9455,CVE-2020-0369,CVE-2020-0322,CVE-2020-0323,CVE-2020-0336,CVE-2020-0356,CVE-2020-0357,CVE-2020-0358,CVE-2020-0406,CVE-2020-0270,CVE-2020-0324,CVE-2020-0355,CVE-2020-0364,CVE-2020-0302,CVE-2020-0307,CVE-2020-0349,CVE-2020-0365,CVE-2020-0197,CVE-2021-0371,CVE-2021-0377,CVE-2020-25211,CVE-2020-0497,CVE-2020-0481,CVE-2019-9445,CVE-2020-0310,CVE-2020-0348,CVE-2020-0223,CVE-2020-0235
Low: none
Already included in previous updates:CVE-2020-0201,CVE-2019-16275,CVE-2019-5489,CVE-2020-0486,CVE-2020-0494,CVE-2019-9447,CVE-2019-9450,CVE-2020-0296,CVE-2020-0297,CVE-2020-0343,CVE-2020-0279,CVE-2020-0314,CVE-2020-0351,CVE-2020-0353,CVE-2020-0362,CVE-2020-0271,CVE-2020-0269,CVE-2020-0327,CVE-2021-0382,CVE-2020-0025,CVE-2021-0378,CVE-2021-0379,CVE-2021-0380,CVE-2021-0381,CVE-2021-0383,CVE-2021-0385,CVE-2021-0386,CVE-2021-0387,CVE-2021-0388,CVE-2021-0374,CVE-2021-0384
※For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).
This security update includes the following Huawei patches:
CVE-2021-22337: Information leak vulnerability in some Huawei phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may cause leaking of user click data.
CVE-2021-22336: DoS vulnerability in some Huawei phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0
Impact: Successful exploitation of this vulnerability may cause denial of security services on a rooted device.
CVE-2021-22335: Heap overflow vulnerability in some Huawei phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may cause exceptions in image processing.
CVE-2021-22334: Malicious Wi-Fi construction vulnerability in some Huawei phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may cause app redirections.
CVE-2021-22333: Integer overflow vulnerability in some Huawei phones
Severity: High
Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.