Product name Confidentiality level

MAR-LX3A CONFIDENTIAL
Commercial Name
Total 12 pages
HUAWEI P30 lite

XXX Software Release Notes Vx.y

Prepared by MAR Team Date 2019-4-27

Reviewed by MAR Team Date 2019-4-27
Approved by MAR Team Date 2019-4-27

Huawei Technologies Co., Ltd.

All rights reserved

 Revision Record
Date Revision Change Description Author
version
yyyy-mm-dd 1.0 Release for version V100R001CXXB001 XXX TEAM

yyyy-mm-dd 1.1 Add OTA feature description XXX TEAM

yyyy-mm-dd 2.0 Release for version V100R001CXXB002 XXX TEAM

1. Change “Product version” to “Commercial Name”

2. Remove “Main features”
3. Make “Version Description” more clear
2018-2-13 2.1 4.Change” Improvement in the Previous Version” to
MR TEAM
“Improvement From the Previous Version”
4.Change “Effect” to “Remarks”

2018-5-18 2.2 Add match EMUI 9.0 template Custom Team

 Table of Contents
1 Version Description..................................................................................................................4
2 New Features..........................................................................................................................4
3 Improvement From the Previous Version................................................................................4
4 Known Limitations and Issues.................................................................................................5
5 Software Vulnerabilities Fixes..................................................................................................5
 XXX Software Release Notes CONFIDENTIAL

Vx.y
XXX Software Release Notes Vx.y

1 Version Description
Model MAR-LX3A

Build number Marie-L23A 9.1.0.215(C605E5R4P2)

Previous released number MAR-LX3A 9.0.1.170(C605E5R4P1)

IMEI SV 09
OS version Android 9

EMUI version EMUI 9.1.0

CPU Hisilicon Kirin 710

Baseband version 21C20B388S000C000, 21C20B388S000C000
4.9.148
Kernel Version android@localhost#1
Thu Jul 11 01:22:22 CTS 2019
Version Type MR4

2 New Features
Index Issue Description

1 IMS market support capabilities.

2 Other product domains require APK presets for overseas versions.

3 Dual-IMSI requirements.

4 Enhances the system maintainability

3 Improvement From the Previous Version

Index Issue Description

4 Known Limitations and Issues

Index Issue Description Remarks
1
2
3

Page 4
 XXX Software Release Notes CONFIDENTIAL

Vx.yFixes
5 Software Vulnerabilities
[Software Vulnerabilities include Android Vulnerability, Third-party software Vulnerability, and Huawei
Vulnerability]

[Android Vulnerability is from Google, which reported publicly.]

[Third-party software is a type of computer software that is sold together with or provided for free in Huawei
products or solutions with the ownership of intellectual property rights (IPR) held by the original contributors.
Third-party software can be but is not limited to: Purchased software, Software that is built in or attached to
purchased hardware, Software in products of the original equipment manufacturer (OEM) or original design
manufacturer (ODM), Software that is developed with technical contribution from partners (ownership of IPR
all or partially held by the partners), Software that is legally obtained free of charge.
The data of third-party software vulnerabilities fixes can be exported from PDM.
If the table is excessively long, you can divide it into multiple ones by product version, or deliver it in an excel
file with patch release notes and provide reference information in this section.]

[Huawei Vulnerability is Huawei own software’ Vulnerability, which found by outside]

Vulnerabilities information is available through CVE IDs in NVD (National Vulnerability Database) website:
http://web.nvd.nist.gov/view/vuln/search

Software/ Version CVE Vulnerability Description Impact Description

Module name ID

NVIDIA NA CVE- In warmboot code of Pixel C's If your devices are

components 2018 BootROM, there is a possible affected please
- arbitrary memory write due to contact NVIDIA for
6240 a missing bounds check. This the fix.
could lead to local escalation of
privilege with System execution
privileges needed. User
interaction is not needed for
exploitation.
NVIDIA NA CVE- In Arm Trusted Firmware, there If your devices are
components 2017 is a possible disclosure of affected please
- information from speculative contact NVIDIA for
5715 execution due to an unusual the fix.
root cause. This could lead to
local information disclosure of
data secured by the TEE with no
additional execution privileges
needed. User interaction is not
needed for exploitation.
Platform 9 CVE- In the Xaac decoder, failure to The fix is designed to
2016 initialize would result in no data return an error when
- being consumed in the decoder is not
2428 subsequent process call, initialized before first
resulting in an infinite loop. process call.

Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In rw_i93_sm_update_ndef of The fix is designed to

1,9 2019 rw_i93.cc, there is a possible add length checks to
- out-of-bound write due to a rw_i93_sm_update_n
2035 missing bounds check. This def and related
Page 5
 XXX Software Release Notes CONFIDENTIAL

Vx.y
could lead to local escalation of
privilege with no additional
rw_i93_* functions.

execution privileges needed.

User interaction is needed for
exploitation.
Platform 9 CVE- In rw_i93_process_ext_sys_info The fix is designed to
2019 of rw_i93.cc, there is a possible add the missing
- out-of-bound read due to a bounds checks.
2040 missing bounds check. This
could lead to local information
disclosure with no additional
execution privileges needed.
User interaction is needed for
exploitation.
Platform 8.1,9 CVE- In the configuration of NFC The fix is designed to
2019 modules on certain devices, set the NFC Type-A
- there is a possible failure to HCE to a random UID.
2041 distinguish individual devices
due to an insecure default
value. This could lead to local
escalation of privilege with no
additional execution privileges
needed. User interaction is
needed for exploitation.
Platform 9 CVE- In create_hdr of The fix is designed to
2019 dnssd_clientstub.c, there is a ensure that DNS
- possible use after free. This service references are
2033 could lead to local escalation of wrapped in a mutex
privilege with no additional and are nulled after
execution privileges needed. deallocation.
User interaction is not needed
for exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In rw_i93_process_sys_info of The fix is designed to
1,9 2019 rw_i93.cc, there is a possible add the missing
- out-of-bound read due to a bounds checks.
2038 missing bounds check. This
could lead to local information
disclosure with no additional
execution privileges needed.
User interaction is needed for
exploitation.
Platform 8.0,8.1,9 CVE- In SetScanResponseData of The fix is designed to
2019 ble_advertiser_hci_interface.cc, add multiple bounds
- there is a possible out-of-bound checks preventing
2032 write due to a missing bounds lengths from being
check. This could lead to local too large.
escalation of privilege with no
additional execution privileges
needed. User interaction is not
needed for exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In numerous hand-crafted The fix is designed to
1,9 2019 functions in libmpeg2, NEON correctly push and
- registers are not preserved. pop the NEON
2028 This could lead to remote code registers.
execution with no additional
execution privileges needed.
Page 6
 XXX Software Release Notes CONFIDENTIAL

Vx.y
User interaction is needed for
exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In btm_proc_smp_cback of The fix is designed to
1,9 2019 tm_ble.cc, there is a possible check if the device
- memory corruption due to a record has already
2029 use after free. This could lead been freed.
to remote code execution with
no additional execution
privileges needed. User
interaction is needed for
exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In l2cu_send_peer_config_rej The fix is designed to
1,9 2019 of l2c_utils.cc, there is a correctly verify the
- possible out-of-bound read due lengths of fields with
2037 to an incorrect bounds check. deterministic lengths.
This could lead to remote
information disclosure with no
additional execution privileges
needed. User interaction is not
needed for exploitation.
Platform 9 CVE- In removeInterfaceAddress of The fix is designed to
2019 NetworkController.cpp, there is prevent the use after
- a possible use after free. This free.
2030 could lead to remote code
execution with no additional
execution privileges needed.
User interaction is not needed
for exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In floor0_inverse1 of floor0.c, The fix is designed to
1,9 2019 there is a possible out of fix the size bounds
- bounds write due to an check.
2027 incorrect bounds check. This
could lead to remote code
execution with no additional
execution privileges needed.
User interaction is needed for
exploitation.
NVIDIA NA CVE- In warmboot code of Pixel C's If your devices are
components 2018 BootROM, there is a possible affected please
- arbitrary memory write due to contact NVIDIA for
6240 an unusual root cause. This the fix.
could lead to local escalation of
privilege in the trust zone with
System execution privileges
needed. User interaction is not
needed for exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In rw_i93_sm_read_ndef of The fix is designed to
1,9 2019 rw_i93.cc, there is a possible add length checks to
- out-of-bounds write due to an rw_i93_sm_read_nde
2034 integer overflow. This could f and related
lead to local escalation of rw_i93_* functions.
privilege in the NFC process
with no additional execution
privileges needed. User
interaction is needed for
exploitation.
Page 7
 XXX Software Release Notes CONFIDENTIAL

Platform 7.0,7.1.1,7.1.2,8.0,8.
1,9
Vx.y
CVE-
In rw_i93_sm_detect_ndef of
2019
rw_i93.cc, there is a possible
The fix is designed to
add the missing
- out-of-bound read due to a bounds check.
2039 missing bounds check. This
could lead to local information
disclosure with no additional
execution privileges needed.
User interaction is needed for
exploitation.
Platform 8.0 CVE- In updateAssistMenuItems of The fix is designed to
2019 Editor.java, there is a possible disable smart text
- escape from the Setup Wizard assist during Setup
2026 due to a missing permission Wizard.
check. This could lead to local
escalation of privilege and FRP
bypass with no additional
execution privileges needed.
User interaction is not needed
for exploitation.
Platform 7.0,7.1.1,7.1.2,8.0,8. CVE- In The fix is designed to
1,9 2019 rw_t3t_act_handle_check_ndef check the message
- _rsp of rw_t3t.cc, there is a length.
2031 possible out-of-bound write
due to a missing bounds check.
This could lead to local
escalation of privilege with no
additional execution privileges
needed. User interaction is not
needed for exploitation.

Page 8