CVE-2021-22379

7.5 HIGH

📋 TL;DR

This CVE describes an integer underflow vulnerability in Huawei smartphones' Samgr component, which could allow an attacker to cause a denial-of-service (DoS) by crashing the service. It affects Huawei smartphone users running vulnerable software versions. Exploitation requires local access to the device.

💻 Affected Systems

Products:
  • Huawei smartphones
Versions: Specific versions not detailed in provided references; check Huawei advisories for exact ranges.
Operating Systems: Android-based Huawei EMUI
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is in the Samgr component; exact models and versions should be verified via Huawei bulletins.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete DoS of the Samgr service, potentially disrupting system functionality and requiring a device restart.

🟠 Likely Case: Local DoS attack leading to temporary unavailability of affected services on the smartphone.

🟢 If Mitigated: Minimal impact if patched or with restricted local access; services remain operational.

🌐 Internet-Facing: LOW, as exploitation requires local access to the device, not remote network access.
🏢 Internal Only: MEDIUM, as local attackers or malicious apps could exploit it to cause DoS on vulnerable devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation likely requires local access and knowledge of the vulnerability; no public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security bulletins for specific patched versions (e.g., June 2021 updates).

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2021/6/

Restart Required: Yes

Instructions:

1. Check for software updates in device settings.
2. Install the latest security patch from Huawei.
3. Restart the device after the update.

🔧 Temporary Workarounds

Restrict local app permissions

Applies to: all

Limit app installations and permissions to reduce the attack surface from malicious local apps.

🧯 If You Can't Patch

  • Monitor device for unusual crashes or performance issues in Samgr-related services.
  • Isolate vulnerable devices from untrusted networks and users to minimize local attack risk.

🔍 How to Verify

Check if Vulnerable:

Check device software version in settings and compare with Huawei's patched versions in advisories.

Check Version:

On Huawei device: Settings > System & updates > Software update to view current version.

Verify Fix Applied:

Confirm the installed software version matches or exceeds the patched version listed by Huawei.

📡 Detection & Monitoring

Log Indicators:

  • Logs showing Samgr service crashes or abnormal terminations on Huawei devices.

Network Indicators:

  • No specific network indicators; this is a local vulnerability and exploitation does not involve network traffic.

SIEM Query:

Example: 'event: Samgr crash OR service failure on Huawei device' in relevant logs.
