CVE-2022-44455 – The appspawn and nwebspawn services were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation.
https://notcve.org/view.php?id=CVE-2022-44455
The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged malicious application would be able to gain code execution within any application installed on the device or cause application crash. Se descubrió que los servicios appspawn y nwebspawn dentro de OpenHarmony-v3.1.2 y versiones anteriores eran vulnerables a la vulnerabilidad de desbordamiento de búfer debido a una validación de entrada insuficiente. Una aplicación maliciosa sin privilegios podría obtener la ejecución de código dentro de cualquier aplicación instalada en el dispositivo o provocar el bloqueo de la aplicación. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-41802 – Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres.
https://notcve.org/view.php?id=CVE-2022-41802
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. El subsistema del kernel dentro de OpenHarmony-v3.1.4 y versiones anteriores en kernel_liteos_a tiene una vulnerabilidad de desbordamiento de la pila del kernel cuando se llama a SysClockGetres. Los datos de relleno de 4 bytes de la pila del kernel se copian incorrectamente en el espacio del usuario y se filtran. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2022-42464 – Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...
https://notcve.org/view.php?id=CVE-2022-42464
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in further attacks. The processes with system user UID run on the device would be able to mmap memory pools used by kernel and override them which could be used to gain kernel code execution on the device, gain root privileges, or cause device reboot. OpenHarmony versiones v3.1.2 y versiones anteriores, 3.0.6 y versiones anteriores, presentan una vulnerabilidad de anulación del pool de memoria del Kernel en el controlador de dispositivo /dev/mmz_userdev. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md • CWE-276: Incorrect Default Permissions •
CVE-2022-41686 – Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ...
https://notcve.org/view.php?id=CVE-2022-41686
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption. OpenHarmony versiones v3.1.2 y versiones anteriores, 3.0.6 y versiones anteriores, presentan una vulnerabilidad de lectura y escritura de memoria fuera de límites en el controlador de dispositivo /dev/mmz_userdev. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2022-38701 – IPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
https://notcve.org/view.php?id=CVE-2022-38701
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. OpenHarmony versiones v3.1.2 y anteriores, presentan una vulnerabilidad de desbordamiento de pila. Los atacantes locales pueden desencadenar un desbordamiento de pila y conseguir información confidencial de la red • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-09.md • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •