CVE-2022-43449 – Arbitrary file read via download_server.
https://notcve.org/view.php?id=CVE-2022-43449
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000. OpenHarmony-v3.1.2 y versiones anteriores tenían una vulnerabilidad de lectura de archivos arbitraria a través del servidor de descarga. Los atacantes locales pueden instalar una aplicación maliciosa en el dispositivo y revelar cualquier archivo del sistema de archivos al que pueda acceder el servicio download_server que se ejecuta con UID 1000. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-11.md • CWE-20: Improper Input Validation CWE-552: Files or Directories Accessible to External Parties •
CVE-2022-43451 – Multiple path traversal in appspawn and nwebspawn services.
https://notcve.org/view.php?id=CVE-2022-43451
OpenHarmony-v3.1.2 and prior versions had an Multiple path traversal vulnerability in appspawn and nwebspawn services. Local attackers can create arbitrary directories or escape application sandbox.If chained with other vulnerabilities it would allow an unprivileged process to gain full root privileges. OpenHarmony-v3.1.2 y versiones anteriores tenían una vulnerabilidad de Multiple path traversal en los servicios appspawn y nwebspawn. Los atacantes locales pueden crear directorios arbitrarios o escapar de la zona de pruebas de la aplicación. Si se encadena con otras vulnerabilidades, permitiría que un proceso sin privilegios obtuviera privilegios completos del root. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-11.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-287: Improper Authentication •
CVE-2022-42464 – Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...
https://notcve.org/view.php?id=CVE-2022-42464
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in further attacks. The processes with system user UID run on the device would be able to mmap memory pools used by kernel and override them which could be used to gain kernel code execution on the device, gain root privileges, or cause device reboot. OpenHarmony versiones v3.1.2 y versiones anteriores, 3.0.6 y versiones anteriores, presentan una vulnerabilidad de anulación del pool de memoria del Kernel en el controlador de dispositivo /dev/mmz_userdev. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md • CWE-276: Incorrect Default Permissions •
CVE-2022-42463 – Softbus_server in communication subsystem has a authenication bypass vulnerability in a callback handler function. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary co ...
https://notcve.org/view.php?id=CVE-2022-42463
OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary commands. OpenHarmony versiones v3.1.2 y versiones anteriores, presentan una vulnerabilidad de omisión de autentificación en una función de callback handler de Softbus_server en el subsistema de comunicación. Los atacantes pueden lanzar ataques en redes distribuidas mediante el envío de paquetes Bluetooth rfcomm a cualquier dispositivo remoto y ejecutando comandos arbitrarios • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md • CWE-287: Improper Authentication •
CVE-2022-41686 – Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ...
https://notcve.org/view.php?id=CVE-2022-41686
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption. OpenHarmony versiones v3.1.2 y versiones anteriores, 3.0.6 y versiones anteriores, presentan una vulnerabilidad de lectura y escritura de memoria fuera de límites en el controlador de dispositivo /dev/mmz_userdev. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •