February

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more
Consumer

Smartphones, Laptops & Tablets, Wearables and More

Corporate

About Huawei, Press&Event, and More

Enterprise

Products, Solutions and Services for Enterprise

Carrier

Products, Solutions and Services for Carrier

Popular Products
HUAWEI WATCH GT 5 Pro
HUAWEI WATCH Ultimate
HUAWEI MatePad Pro 12.2-inch
Quick View
Smartphone
Wearable
PC
Tablet
Audio
Router
HUAWEI Mobile Services
enter more search keys

HUAWEI EMUI/Magic UI security updates February 2022

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following third-party library patches:

This security update includes the CVE announced in the January 2022 Android security bulletin:

Critical: none

High: CVE-2021-39620, CVE-2021-39623, CVE-2021-39629, CVE-2021-39632, CVE-2021-39659, CVE-2021-30353, CVE-2021-30319

Medium: CVE-2021-30313

Low: none

Already included in previous updates: CVE-2021-0956, CVE-2021-0769, CVE-2021-0978, CVE-2021-0979, CVE-2021-0981, CVE-2021-0993, CVE-2021-0996, CVE-2021-0997, CVE-2021-1001, CVE-2021-1002, CVE-2021-1003, CVE-2021-1016, CVE-2021-1017, CVE-2021-1018, CVE-2021-1019, CVE-2021-1023, CVE-2021-1025, CVE-2021-39657, CVE-2021-30262, CVE-2021-0675, CVE-2021-0961, CVE-2021-0922, CVE-2020-0347, CVE-2021-0717, CVE-2021-1030, CVE-2021-1031, CVE-2021-0977

※ For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the CVE of other third-party library patches:

High: CVE-2021-3760, CVE-2021-32484, CVE-2021-32485, CVE-2021-32486, CVE-2021-32487

Medium: CVE-2021-0356, CVE-2021-0359, CVE-2021-0360, CVE-2021-0358, CVE-2021-0357

This security update includes the following HUAWEI patches:

CVE-2021-39992: Improper security permission configuration vulnerability on ACPU

Severity: High

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE-2021-40015: Race condition vulnerability in the binder driver subsystem in the kernel

Severity: Medium

Affected versions: EMUI 12.0.0, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may affect kernel stability.

CVE-2021-39997: Vulnerability of unstrict input parameter verification in the audio assembly

Severity: Critical

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.

CVE-2021-39994: Arbitrary address access vulnerability with the product line test code

Severity: Critical

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE-2021-40044: Permission verification vulnerability in the Bluetooth module

Severity: Medium

Affected versions: EMUI12.0.0, EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause unauthorized operations.

CVE-2021-39991: Unauthorized rewriting vulnerability with the memory access management module on ACPU

Severity: High

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39986: Unauthorized rewriting vulnerability with the memory access management module on ACPU

Severity: High

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37115: Unauthorized rewriting vulnerability with the memory access management module on ACPU

Severity: High

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37109: Security protection bypass vulnerability with the modem

Severity: High

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may cause memory protection failure.

CVE-2021-40045: Vulnerability of signature verification mechanism failure in system upgrade through recovery mode

Severity: Critical

Affected versions: EMUI12.0.0, EMUI 11.0.1, EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37107: Improper memory access permission configuration on ACPU

Severity: High

Affected versions: EMUI12.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue