CVE-2022-38986

Опубликовано: 14 окт. 2022

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.

Ссылки

https://consumer.huawei.com/en/support/bulletin/2022/10/
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
Vendor Advisory
https://consumer.huawei.com/en/support/bulletin/2022/10/
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*

cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00052

Низкий

9.1 Critical

CVSS3

Дефекты

NVD-CWE-Other

CWE-787

Связанные уязвимости

GHSA-2gqc-hf8q-hvqq