Huawei News
Huawei releases July 2022 security patch details
Huawei has recently shared information regarding the HarmonyOS 3 beta. Now, the Chinese tech giant also shared the security patch details for the month of July 2022.
In July 2022 EMUI security patch details, Huawei fixes 2 critical, 12 High levels, and 18 medium levels of CVEs while there are no low levels of CVEs.
This security update includes the CVE announced in the June 2022 Android security bulletin:
Critical: CVE-2022-20130, CVE-2022-20145
High: CVE-2021-39691, CVE-2022-20006, CVE-2022-20134, CVE-2022-20135, CVE-2022-20142, CVE-2022-20143, CVE-2022-20141, CVE-2021-4154, CVE-2022-25375, CVE-2022-24958, CVE-2022-25258, CVE-2022-20132
Medium: CVE-2021-39806, CVE-2022-20197, CVE-2022-20201, CVE-2022-20202, CVE-2021-35118, CVE-2021-20268, CVE-2021-20321, CVE-2021-35121, CVE-2021-3635, CVE-2021-3715, CVE-2021-3743, CVE-2021-3753, CVE-2021-38160, CVE-2022-0492, CVE-2022-20148, CVE-2022-20166, CVE-2022-26966, CVE-2021-35119
Low: none
Already included in previous updates:CVE-2021-39803, CVE-2022-20007, CVE-2022-20109, CVE-2022-20110, CVE-2020-11307, CVE-2021-30264, CVE-2020-11263, CVE-2021-1894, CVE-2021-30272, CVE-2021-30274, CVE-2021-30275, CVE-2021-30278, CVE-2021-30279, CVE-2021-30282
This security update includes the following HUAWEI patches:
CVE-2021-40016: Improper permission control vulnerability in the Bluetooth module
Severity: Medium
Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability will affect confidentiality.
CVE-2021-46741: Vulnerability of defects being introduced in the design process in the basic framework and settings module
Severity: Medium
Affected versions: EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability will affect integrity.
CVE-2021-40012: Vulnerability of pointers being incorrectly used during data transmission in the video framework
Severity: Medium
Affected versions: EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-31751: Multi-thread competition for resources in the kernel emcom module
Severity: Critical
Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability can affect availability.
CVE-2021-40013: Improper permission control vulnerability in the Bluetooth module
Severity: Medium
Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability will affect integrity.
CVE-2022-34737: Incorrect permission assignment vulnerability in the application security module
Severity: Medium
Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2022-31755: Improper preservation of permissions vulnerability in the communications module
Severity: Medium
Affected versions: EMUI 11.0.1
Impact: Successful exploitation of this vulnerability can affect availability.
CVE-2022-34736: Null pointer vulnerability in the frame scheduling module
Severity: Medium
Affected versions: EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-34735: Null pointer vulnerability in the frame scheduling module
Severity: Medium
Affected versions: EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-34739: Addition overflow vulnerability in the fingerprint sensor module
Severity: High
Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause the data of unknown addresses to be obtained from the address mapping.
CVE-2022-34742: Read/Write vulnerability in system components
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability will affect confidentiality.
CVE-2022-34740: Buffer overflow vulnerability in the NFC module
Severity: Medium
Affected versions: EMUI 12.0.0, EMUI 11.0.1, EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
CVE-2022-34741: Buffer overflow vulnerability in the NFC module
Severity: Medium
Affected versions: EMUI 12.0.0, EMUI 11.0.1, EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
CVE-2022-31762: Input verification vulnerability in the AMS module
Severity: Medium
Affected versions: EMUI 11.0.1
Impact: Successful exploitation of this vulnerability will cause unauthorized operations.
CVE-2022-34743: Out-of-bounds read vulnerability in the AT commands of the USB port
Severity: Medium
Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2022-34738: Permission control vulnerability in the SystemUI module
Severity: Medium
Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability will cause the service running in the background being unable to be perceived by the user.
Huawei Sound X4 smart speaker was launched on Huawei Mall, and full pre-sale started on the same day, and the first sale of the new product started at 20:00 on October 31.
The smart speaker is available in two colors: Rhythmic Black and Dynamic White, priced at 2199 yuan and 2599 yuan respectively.
The speaker contains eight units, including 1 woofer, 4 mid-range speakers, 1 tweeter and 2 passive radiators . Officials said that the high, medium and low frequency units work within their respective frequency response ranges, giving full play to the advantages of each unit. A HUAWEI Sound X4 can bring “symphony orchestra-like” sound effects.
The speaker has obtained Hi-Res high-definition sound quality certification, which can provide more sound details and also perceive the spatial sense of the sound. Its subwoofer has a power of 50W and is also equipped with 2 passive radiators. The low frequency dives to 36Hz and has a 25mm stroke.
In addition, its high-frequency unit has a power of 3W and the mid-frequency unit has a power of 5W, and they use pure titanium diaphragm and self-developed mica fiber diaphragm respectively.
The speaker is equipped with Huawei SOUND bass enhancement algorithm, which can actively control the vibration of the speaker, reduce distortion, improve the transient response of low frequency, and achieve deep and powerful low frequency performance. It adopts Sym-Pole mirror design to offset vibration noise and bring rich bass.
In addition, it supports control methods such as one-touch, one-cover, and two-tap, which can respectively complete operations such as lighting, muting, and turning off the lights. The speaker also supports intelligent recognition of spatial structure, emitting sound waves to detect the room structure and receiving feedback, and can automatically match the sound effect scheme in the spatial scene.
Huawei’s GoPaint App was released in May this year and officially launched in August this year. The App is a digital painting software provided by Huawei. Yesterday, the app was newly adapted to 4 tablets including the MatePad Pro 11-inch 2022 model.
A user recently asked in the community for the app compatibility and support replied that “This function is expected to be supported in the first quarter of 2025.”
According to reports, the official version of GoPaint App has over 150 preset brushes, more than 80 brush parameters that can be adjusted, and fluid brushes that can restore the real pen-and-paper rendering effect. At the same time, new realistic canvas styles have been added, including watercolor, ink, oil painting, rock color, etc.
The official version of GoPaint App also has Fangtian Painting Engine 2.0 built in, supports 100+ 6K high-definition layers and 8K ultra-large canvas, and is the first to use a floating splash brush, which can splash ink by double-clicking the pen.
Huawei has now started rolling out the September 2024 security patch update to the Pura 70 lineup in Europe.
Huawei Pura 70 lineup
LIST OF CHANGES
[SYSTEM]
Improves system stability in certain situations.
[SECURITY]
Integrates security patches released in September 2024 for improved system security.
UPDATE NOTES
Updating will not delete your personal information, but we recommend that you back up important data before updating.
If you encounter any problems during the update, please call the Huawei customer hotline or visit a Huawei customer service center.
The update package will be automatically deleted after the update is complete.