January

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following third-party library patches:

This security update includes the CVE announced in the December 2022 Android security bulletin:

Critical: CVE-2022-20411, CVE-2022-20472, CVE-2022-20473, CVE-2022-20498

High: CVE-2021-0934, CVE-2022-20124, CVE-2022-20449, CVE-2022-20466, CVE-2022-20469, CVE-2022-20470, CVE-2022-20474, CVE-2022-20476, CVE-2022-20478, CVE-2022-20479, CVE-2022-20480, CVE-2022-20483, CVE-2022-20484, CVE-2022-20485, CVE-2022-20486, CVE-2022-20487, CVE-2022-20488, CVE-2022-20491, CVE-2022-20495, CVE-2022-20496, CVE-2022-20500, CVE-2022-20501, CVE-2022-20611, CVE-2022-33268

Medium: CVE-2022-20468, CVE-2022-25677, CVE-2022-1419, CVE-2022-28390, CVE-2022-30594, CVE-2022-20571, CVE-2022-20572

Low: none

Already included in previous updates: CVE-2022-20426, CVE-2022-20425, CVE-2022-20392, CVE-2022-25669, CVE-2022-25688, CVE-2022-25658, CVE-2022-25659

※ For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the following HUAWEI patches:

CVE-2021-46856: Path traversal vulnerability in the Multi-screen Collaboration module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2021-46867: The HW_KEYMASTER module does not release memory

Severity: Medium

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.

CVE-2021-46868: The HW_KEYMASTER module does not release memory

Severity: Medium

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.

CVE-2022-46761: Vulnerability of the dynamic hiding and restoring of app icons in the system

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability allows app icons to be dynamically hidden or restored using special methods.

CVE-2022-46762: Logic bypass vulnerability in the memory management module

Severity: High

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2022-47974: DoS attack vulnerability in the Bluetooth AVRCP module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may cause the Bluetooth process to restart.

CVE-2022-47975: Double free vulnerability of the DUBAI module

Severity: Medium

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2022-47976: Control connection replacement vulnerability in the DMSDP module of the distributed hardware

Severity: High

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may disconnect normal service connections.

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue