How severe is CVE-2018-7899?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2018-7899?

This is classified as CWE-415, which is a common weakness in software security.

CVE-2018-7899 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause system reboot.

Related Vulnerabilities

CVE-2014-9807

MEDIUM

CVSS:5.5(Medium)

The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.

CWE-4152014

CVE-2015-5203

MEDIUM

CVSS:5.5(Medium)

Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

CWE-4152015

CVE-2015-8894

MEDIUM

CVSS:5.5(Medium)

Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.

CWE-4152015

CVE-2017-15330

MEDIUM

CVSS:5.5(Medium)

The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malici...

CWE-4152017

CVE-2017-15364

MEDIUM

CVSS:5.5(Medium)

The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file. ...

CWE-4152017

CVE-2017-6353

MEDIUM

CVSS:5.5(Medium)

net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (inval...

CWE-4152017