Product name | AQM-LX1
Confidentiality level | CONFIDENTIAL
Commercial Name | HUAWEI Y8p
Total 10 pages
XXX Software Release Notes Vx.y
Prepared by | AQM Team | Date | 2020-4-23
Reviewed by | AQM Team | Date | 2020-4-23
Approved by | AQM Team | Date | 2020-4-23
Huawei Technologies Co., Ltd.
All rights reserved
Revision Record
Date | Revision version | Change Description | Author
yyyy-mm-dd | 1.0 | Release for version V100R001CXXB001 | XXX TEAM
yyyy-mm-dd | 1.1 | Add OTA feature description | XXX TEAM
yyyy-mm-dd | 2.0 | Release for version V100R001CXXB002 | XXX TEAM
2018-2-13 | 2.1 | 1. Change “Product version” to “Commercial Name” 2. Remove “Main features” 3. Make “Version Description” more clear 4. Change “Improvement in the Previous Version” to “Improvement From the Previous Version” 4. Change “Effect” to “Remarks” | MR TEAM
2018-5-18 | 2.2 | Add match EMUI 9.0 template | Custom Team
2018-8-8 | 2.2 | 1. Delete column “Case ID” 2. Change “Issue Description” to “Feature Description” in New Features | MR TEAM
2019-1-1 | 2.3 | 1. Add “IMEI SV” in Version Description. | MR TEAM
2019-3-12 | 2.3.1 | 1. Update Version Description. | I&M
2019-5-17 | 2.3.2 | 1. Add “Android security patch” | I&M
Table of Contents
1 Version Description
2 New Features
3 Improvement from the Previous Version
4 Known Limitations and Issues
5 Software Vulnerabilities Fixes
XXX Software Release Notes CONFIDENTIAL
Vx.y
1 Version Description
Model | AQM-LX1
Build number | 10.1.0.109(C605E1R5P1) GPU Turbo
Previous released number | NA
IMEI SV | 02
Android version | 10
EMUI version | 10.1.0
CPU | Huawei Kirin 710F
Android security patch | 1 April 2020
Baseband version | 21C20B388S000C000,21C20B388S000C000
Kernel Version | 4.14.116 android@localhost #1 Tue Apr 21 19:05:29 CST 2020
Version Type | TA
2 New Features
Index | Feature Description
1 | Integrates Google security patches released in April 2020 for improved system security.
3 Improvement from the Previous Version
Index | Issue Description
1 | NA
4 Known Limitations and Issues
Index | Issue Description | Remarks
1 | NA | NA
5 Software Vulnerabilities Fixes
Vulnerability information is available by CVE ID on the NVD (National Vulnerability Database) website:
http://web.nvd.nist.gov/view/vuln/search
#4 Google Security Patch: April 2020
Software/Module name | Version | CVE ID | Vulnerability Description | Impact Description
Platform | 9, 10 | CVE-2020-0079 | In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to fix the base pointer used to set the destination.
Platform | 9, 10 | CVE-2020-0078 | In releaseSecureStops of DrmPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add the missing bounds check.
Qualcomm components | NA | CVE-2019-14087 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14075 | undefined |
FPC components | NA | CVE-2020-0077 | In authorize_enroll of the FPC IRIS TrustZone app, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add bounds checks.
FPC components | NA | CVE-2020-0076 | In get_auth_result of the FPC IRIS TrustZone app, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add bounds checks.
FPC components | NA | CVE-2020-0075 | In set_shared_key of the FPC IRIS TrustZone app, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add bounds checks.
Platform | 8.0, 8.1, 9, 10 | CVE-2020-0074 | In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to revoke 'always' web handler status when app no longer uses autoVerify.
Kernel | NA | CVE-2019-19524 | In ml_ff_destroy of ff-memless.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege if a malicious USB device is used, with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to clean up an effect timer.
Kernel | NA | CVE-2019-19532 | In many initialization functions of many drivers in drivers/hid, there are possible out of bounds writes due to a missing check for an empty list. These could lead to local escalation of privilege if using a malicious USB driver, with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to check if the driver's input lists are empty before using them.
Kernel | NA | CVE-2019-19807 | In snd_timer_open of timer.c, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to not re-use variables for temporary checks.
Qualcomm components | NA | CVE-2019-14070 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14112 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14114 | undefined |
Qualcomm components | NA | CVE-2019-14122 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14134 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14111 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14113 | undefined |
Qualcomm components | NA | CVE-2019-14131 | undefined |
Qualcomm components | NA | CVE-2019-14104 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14127 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14135 | undefined |
Qualcomm components | NA | CVE-2019-14132 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14105 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14110 | undefined |
Platform | 8.0, 8.1, 9, 10 | CVE-2020-0073 | In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add the missing bounds check.
Platform | 8.0, 8.1, 9, 10 | CVE-2020-0072 | In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add the missing bounds check.
Platform | 8.0, 8.1, 9, 10 | CVE-2020-0071 | In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add the missing bounds check.
Platform | 8.0, 8.1, 9, 10 | CVE-2020-0070 | In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add the missing bounds check.
Qualcomm closed-source components | NA | CVE-2020-3651 | undefined |
Qualcomm components | NA | CVE-2020-3651 | undefined |
MediaTek components | NA | CVE-2020-0091 | In mnld, there is a possible information disclosure due to an exposed network socket. This could lead to remote information disclosure of the user's location with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to remove externally accessible sockets.
MediaTek components | NA | CVE-2020-0090 | In com.mediatek.email.backuprestore.EmailBackupRestoreReceiver, there is a possible disclosure of emails due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to remove the Email Backup feature and related code.
MediaTek components | NA | CVE-2020-0065 | In com.mediatek.apst.target.receiver.DaemonReceiver, there is possible access to private user data due to a permissions bypass. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to remove the vulnerable app.
MediaTek components | NA | CVE-2020-0064 | In the OMACP app, there is a possible disclosure of provisioning data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to limit the provisioning data to access only by preloaded system apps that declare the required permission.
Platform | 8.0, 8.1, 9, 10 | CVE-2019-5018 | In lookupName of resolve.c, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to ensure that aliased window functions are not used within aggregate functions. Notes: Android 8.1 - This patch is provided for completeness. Partners on 8.1 with an SPL of 2019-03-01 or greater are already patched and do not need to re-apply this fix. Android 9 - To fully patch Android 9, partners should apply the original fix and supplemental patch, both of which are found in the bulletin zip file. This resolves the previously identified functional regression. Android 8.0, 10 - This patch did not cause a functional regression and has not changed from the previously released version. For partners who have previously applied and retained this patch there is no action. For Partners who have not previously applied the patch it is required as part of SPL 2020-04-01. These instructions also apply to CVE-2019-8457 and CVE-2019-9936 below.
Platform | 10 | CVE-2020-0080 | In onOpActiveChanged and related methods of AppOpsControllerImpl.java, there is a possible way to display an app overlaying other apps without the notification icon that it's overlaying. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. | The fix is designed to prevent sending early termination of appop use.
Platform | 8.0, 8.1, 9, 10 | CVE-2020-0081 | In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to set the pointer to zero after freeing.
Qualcomm closed-source components | NA | CVE-2019-14001 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10575 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14019 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14018 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14021 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10588 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10589 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14009 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14022 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10610 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14033 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14020 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10608 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10483 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10551 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14012 | undefined |
Qualcomm closed-source components | NA | CVE-2019-10609 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14011 | undefined |
Qualcomm closed-source components | NA | CVE-2019-14007 | undefined |
Platform | 10 | CVE-2019-2056 | There is a possible disclosure of RAM using a shared crypto key due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | In device configurations, zram writeback must be disabled. An example code snippet can be found in the zip file.
Platform | 8.0, 8.1, 9, 10 | CVE-2019-8457 | In rtreenode of rtree.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to replace the fixed-size stack buffer with a dynamically-resized string.
Platform | 10 | CVE-2020-0082 | In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to remove excessive serialization of Audio Attributes.
Platform | 8.0, 8.1, 9, 10 | CVE-2019-9936 | In fts5HashEntrySort of fts5_hash.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | The fix is designed to add the missing bounds check.