CVE-2021-37120 – CVE-2021-37120 is a double-free vulnerability i... (How to Fix)

Q: What is the severity of CVE-2021-37120?

CVE-2021-37120 has a CVSS score of 9.8 (CRITICAL). CVE-2021-37120 is a double-free vulnerability in Huawei smartphones that allows attackers to cause kernel crashes or potentially escalate privileges. This affects Huawei smartphone users running vulnerable software versions. The vulnerability occurs when memory is freed twice, leading to memory corruption.

📋 TL;DR

CVE-2021-37120 is a double-free vulnerability in Huawei smartphones that allows attackers to cause kernel crashes or potentially escalate privileges. This affects Huawei smartphone users running vulnerable software versions. The vulnerability occurs when memory is freed twice, leading to memory corruption.

💻 Affected Systems

Products:

Huawei smartphones

Versions: Specific versions not detailed in provided references; check Huawei advisories for exact affected versions.

Operating Systems: HarmonyOS, Android-based Huawei EMUI

Default Config Vulnerable: ⚠️ Yes

Notes: Affects Huawei smartphones with vulnerable kernel components. Exact models and versions require checking Huawei's official bulletins.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise with kernel-level privilege escalation, allowing attackers to execute arbitrary code with highest system privileges.

🟠

Likely Case

Device instability, kernel crashes leading to denial of service, or limited privilege escalation in constrained scenarios.

🟢

If Mitigated

Reduced impact through security controls like exploit mitigations, but still potential for denial of service.

🌐 Internet-Facing: MEDIUM - Requires user interaction or app installation, not directly exploitable over network without user action.

🏢 Internal Only: MEDIUM - Could be exploited through malicious apps or compromised applications on the device.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation typically requires local access or ability to execute code on the device. Double-free vulnerabilities can be complex to exploit reliably.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security bulletins for specific patched versions

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2021/10/

Restart Required: Yes

Instructions:

1. Check for system updates in device settings. 2. Install latest security update from Huawei. 3. Reboot device after update completes.

🔧 Temporary Workarounds

Avoid untrusted apps

all

Prevent installation of applications from untrusted sources to reduce attack surface.

Enable security features

all

Ensure all device security features are enabled including app verification and security scanning.

🧯 If You Can't Patch

Restrict device to essential applications only from trusted sources
Implement mobile device management with strict application control policies

🔍 How to Verify

Check if Vulnerable:

Check device security patch level in Settings > About phone > Build number and compare with Huawei security bulletins.

Check Version:

No single command; check via device Settings > About phone

Verify Fix Applied:

Verify security patch date is October 2021 or later in device settings after update.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Unexpected process crashes
Memory corruption errors in system logs

Network Indicators:

Unusual outbound connections from system processes

SIEM Query:

Device logs showing kernel crashes or privilege escalation attempts from userland processes

📊 Metadata

CVE ID: CVE-2021-37120

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-415

Published: January 3, 2022

Last Updated: November 21, 2024

🔗 References

https://consumer.huawei.com/en/support/bulletin/2021/10/ Vendor Advisory
https://consumer.huawei.com/en/support/bulletin/2021/10/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-37120, you might also want to check these: