Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 18.104.22.168(C00E82R1P21), Versions earlier than Emily-TL00B 22.214.171.124(C01E82R1P21), Versions earlier than Emily-L09C 126.96.36.199(C432E7R1P11), Versions earlier than Emily-L29C 188.8.131.52(C432E7R1P11), Versions earlier than Emily-L29C 184.108.40.206(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution.
CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.