### [CVE-2016-8764](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8764)
![](https://img.shields.io/static/v1?label=Product&message=P9%2CP9%20Lite%2CP8%20Lite%20Versions%20earlier%20than%20EVA-AL10C00B352%2CVNS-L21C185B130%20and%20earlier%20versions%2CALE-L02C636B150%20and%20earlier%20versions&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=input%20validation&color=brighgreen)

### Description

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/23hour/boomerang_qemu
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ucsb-seclab/boomerang