19 Issues Fixed With EMUI December 2021 Patch
Huawei has released the December 2021 security patch details, which fixes some issues and bugs to provide better system security. In the December 2021 security patch, Huawei has fixed 14 issues found on the EMUI 11.0.0, Magic UI 4.0.0, EMUI 10.1.1, Magic UI 3.1.1, EMUI 11.0.1, EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1, Magic UI 3.1.0.
CVE-2021-37125: Input verification absence in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37069: Race condition vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.1, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39993: Integer overflow vulnerability with ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2021-39992: Improper security permission configuration vulnerability on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2021-39991: Unauthorized rewriting vulnerability with the memory access management module on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39986: Unauthorized rewriting vulnerability with the memory access management module on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39974: Out-of-bounds read in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37133: Unauthorized file access vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39994: Arbitrary address access vulnerability with the product line test code
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2021-37118: Man-in-the-middle (MITM) attack vulnerability when using HUAWEI Share in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37115: Unauthorized rewriting vulnerability with the memory access management module on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37112: Incomplete device version verification vulnerability due to the integrity protection defects of the PC version of HiSuite in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 11.0.1, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.0.0, Magic UI 9.1.1
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2021-37109: Security protection bypass vulnerability with the modem
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause memory protection failure.
CVE-2021-37107: Improper memory access permission configuration on ACPU
Severity: High
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2021-37096: Input verification vulnerability in some HUAWEI devices
Severity: High
Affected versions: EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37074: Race condition vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.1, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39996: Heap-based buffer overflow vulnerability with the NFC module
Severity: High
Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause memory overflow.
CVE-2021-39998: Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 11.0.1, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause the system to crash and restart.
CVE-2021-37043: Vulnerability of not performing strong foreground authentication on the caller in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0.
Okay, so you're sitting in your favorite cafĂ©, scrolling through Instagram, and suddenly your WiFi…
Your Huawei phone won't charge. You plug it in, nothing happens. Before you panic or…
Locked out of your Huawei phone? Don't panic. Whether you've forgotten your password, PIN, pattern,…
Is your Huawei phone dying in just a few hours? You're not alone. Battery drain…
Huawei is getting ready to release a new super-thin phone called the Mate 70 Air.…
Tipster Digital Chat Station has confirmed that the Chinese tech giant Huawei will release new…