19 Issues Fixed With EMUI December 2021 Patch
Huawei has released the December 2021 security patch details, which fixes some issues and bugs to provide better system security. In the December 2021 security patch, Huawei has fixed 14 issues found on the EMUI 11.0.0, Magic UI 4.0.0, EMUI 10.1.1, Magic UI 3.1.1, EMUI 11.0.1, EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1, Magic UI 3.1.0.
CVE-2021-37125: Input verification absence in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37069: Race condition vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.1, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39993: Integer overflow vulnerability with ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2021-39992: Improper security permission configuration vulnerability on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2021-39991: Unauthorized rewriting vulnerability with the memory access management module on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39986: Unauthorized rewriting vulnerability with the memory access management module on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39974: Out-of-bounds read in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37133: Unauthorized file access vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39994: Arbitrary address access vulnerability with the product line test code
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2021-37118: Man-in-the-middle (MITM) attack vulnerability when using HUAWEI Share in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37115: Unauthorized rewriting vulnerability with the memory access management module on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37112: Incomplete device version verification vulnerability due to the integrity protection defects of the PC version of HiSuite in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 11.0.1, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.0.0, Magic UI 9.1.1
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2021-37109: Security protection bypass vulnerability with the modem
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause memory protection failure.
CVE-2021-37107: Improper memory access permission configuration on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2021-37096: Input verification vulnerability in some HUAWEI devices
Severity: High
Affected versions: EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37074: Race condition vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.1, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39996: Heap-based buffer overflow vulnerability with the NFC module
Severity: High
Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause memory overflow.
CVE-2021-39998: Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 11.0.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause the system to crash and restart.
CVE-2021-37043: Vulnerability of not performing strong foreground authentication on the caller in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0.
According to the official information, the Huawei released the delisting announcement of its Petal Mail…
Huawei has started rolling out the new November 2024 app update to its Health Application.…
Huawei released the Mate 70 series of mobile phones, with a starting price of 5,499…
Huawei officially announced the new FreeBuds Pro 4 headphones. This is the first TWS headset…
Huawei's Mate 70 series of mobile phones was officially unveiled today. The new series of…
According to the latest information, the Chinese tech giant Huawei is said to launch the…