CVE-2024-41160 – Liteos-A has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-41160
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. en OpenHarmony v4.1.0 y versiones anteriores se permite que un atacante local haga que el permiso común se actualice a superusuario y se filtre información confidencial mediante use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-416: Use After Free •
CVE-2024-41157 – Liteos-A has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-41157
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. en OpenHarmony v4.1.0 y versiones anteriores se permite que un atacante local haga que el permiso común se actualice a superusuario y se filtre información confidencial mediante use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-416: Use After Free •
CVE-2024-39775 – Net Manager has an out-of-bounds read permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-39775
in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.1.0 y versiones anteriores, permitir que un atacante remoto provoque fuga de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-125: Out-of-bounds Read CWE-922: Insecure Storage of Sensitive Information •
CVE-2024-39612 – Background Task Manager has an out-of-bounds read permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-39612
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.0.0 y versiones anteriores, se permite que un atacante local provoque fugas de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-125: Out-of-bounds Read CWE-922: Insecure Storage of Sensitive Information •
CVE-2024-38382 – Ability Runtime has an out-of-bounds read permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-38382
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.0.0 y versiones anteriores, se permite que un atacante local provoque fugas de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-125: Out-of-bounds Read CWE-922: Insecure Storage of Sensitive Information •